urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/GE486v
Submission: On September 06 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 10 countries across 48 domains to perform 387 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 225702.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 396982 (GOOGLE-CL...)
2 2a04:4e42:400... 54113 (FASTLY)
2 35.186.215.140 15169 (GOOGLE)
26 13.224.189.20 16509 (AMAZON-02)
40 2600:9000:20e... 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 210.59.219.180 3462 (HINET Dat...)
5 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 52.68.234.1 16509 (AMAZON-02)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 178.250.0.165 44788 (ASN-CRITE...)
7 210.59.219.181 3462 (HINET Dat...)
2 162.210.196.208 30633 (LEASEWEB-...)
7 103.132.192.30 138552 (RTBHOUSE-...)
11 22 34.96.119.68 15169 (GOOGLE)
11 11 172.105.221.240 63949 (LINODE-AP...)
3 34.95.67.231 396982 (GOOGLE-CL...)
35 203.75.214.136 3462 (HINET Dat...)
1 6 35.201.76.93 15169 (GOOGLE)
1 192.0.78.244 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.0.78.187 2635 (AUTOMATTIC)
1 34.102.176.152 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
5 34.117.219.39 396982 (GOOGLE-CL...)
1 74.6.138.64 26101 (YAHOO-BF1)
1 2a00:1288:110... 34010 (YAHOO-IRD)
8 16 2a02:2638::1c 44788 (ASN-CRITE...)
10 178.250.0.157 44788 (ASN-CRITE...)
2 7 210.59.219.175 3462 (HINET Dat...)
10 17 172.217.16.194 15169 (GOOGLE)
2 35.227.249.156 15169 (GOOGLE)
6 13.230.137.226 16509 (AMAZON-02)
4 13 192.96.200.41 30633 (LEASEWEB-...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 23.75.240.210 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 69.173.144.165 26667 (RUBICONPR...)
1 69.173.158.64 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 5 104.18.18.126 ()
3 4 185.89.210.46 ()
9 2a00:1450:400... ()
2 2 18.158.190.248 ()
1 1 151.101.66.49 ()
3 3 3.124.103.115 ()
2 2 52.16.225.88 ()
2 2 54.72.207.25 ()
3 3 213.19.147.45 ()
1 2 51.89.9.253 ()
2 172.217.16.130 ()
387 64
6    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
26    13.224.189.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-20.fra2.r.cloudfront.net
img.scupio.com
40    2600:9000:20eb:8a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
5    2600:9000:21f3:e00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    52.68.234.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
12    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
7    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
2    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
22    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
11    172.105.221.240 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
3    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
35    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net
6    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    2606:4700::6810:fd04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.racingcharger.tw
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
5    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
1    74.6.138.64 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: media-router-flurry71.prod.media.vip.bf1.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
16    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
17    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
6    13.230.137.226 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
ccm.holmesmind.com
13    192.96.200.41 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
6    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a05:d018:d29:3602:330c:6850:f997:69b7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
30    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
partner.googleadservices.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com
6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
29    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    104.18.18.126 (None, )

ASN- ()
dsum-sec.casalemedia.com
4    185.89.210.46 (None, )

ASN- ()
ib.adnxs.com
9    2a00:1450:4001:810::2006 (None, )

ASN- ()
s0.2mdn.net
2    18.158.190.248 (None, )

ASN- ()
pm.w55c.net
1    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
3    3.124.103.115 (None, )

ASN- ()
x.bidswitch.net
2    52.16.225.88 (None, )

ASN- ()
r.scoota.co
2    54.72.207.25 (None, )

ASN- ()
match.360yield.com
3    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    51.89.9.253 (None, )

ASN- ()
onetag-sys.com
2    172.217.16.130 (None, )

ASN- ()
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
74 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 116601
adcdn.holmesmind.com — Cisco Umbrella Rank: 117678
ad.holmesmind.com — Cisco Umbrella Rank: 86167
fcm.holmesmind.com — Cisco Umbrella Rank: 125197
c.holmesmind.com — Cisco Umbrella Rank: 91402
fp.holmesmind.com — Cisco Umbrella Rank: 120330
m.holmesmind.com — Cisco Umbrella Rank: 257193
ccm.holmesmind.com — Cisco Umbrella Rank: 410880
214 KB
61 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com
6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
688 KB
44 scupio.com
img.scupio.com — Cisco Umbrella Rank: 69185
bw.scupio.com — Cisco Umbrella Rank: 123502
prebid.scupio.com — Cisco Umbrella Rank: 60966
rec.scupio.com — Cisco Umbrella Rank: 138654
415 KB
38 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
49 KB
35 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 76784
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net
26 KB
33 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 32146
gocm.c.appier.net — Cisco Umbrella Rank: 3894
5 KB
32 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
googleads4.g.doubleclick.net
400 KB
15 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 17161
ads.aralego.com — Cisco Umbrella Rank: 25547
sync.aralego.com — Cisco Umbrella Rank: 4304
6 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 142
4 KB
9 2mdn.net
s0.2mdn.net
100 KB
9 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24812
22 KB
7 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14031
1 KB
7 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
240 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9325
89 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 225702
6 KB
5 casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 3469
adservice.google.de — Cisco Umbrella Rank: 5202
2 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 480
fonts.googleapis.com — Cisco Umbrella Rank: 120
70 KB
4 adnxs.com
ib.adnxs.com
4 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
9 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 12579
geo.yahoo.com — Cisco Umbrella Rank: 1922
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 onetag-sys.com
onetag-sys.com
489 B
2 1rx.io
sync.1rx.io
2 KB
2 360yield.com
match.360yield.com
789 B
2 scoota.co
r.scoota.co
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
88 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
466 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 976
66 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
35 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 83618
11 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 493
54 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
576 B
1 everesttech.net
sync-tm.everesttech.net
537 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 638
30 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 7203
1 MB
1 alphaloan.co
blog.alphaloan.co
151 KB
1 racingcharger.tw
img.racingcharger.tw
143 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3720
22 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
115 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 822446
18 KB
1 creditcards.com.tw
creditcards.com.tw
46 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 582
5 KB
1 re-news.tw
storage.re-news.tw
6 KB
0 advertising.com Failed
sync.adaptv.advertising.com Failed
387 48
Domain Requested by
40 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
30 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
28 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
26 img.scupio.com reurl.cc
img.scupio.com
rec.scupio.com
code.jquery.com
22 ad2.apx.appier.net 11 redirects reurl.cc
17 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
16 gum.criteo.com 8 redirects static.criteo.net
12 bidder.criteo.com img.scupio.com
static.criteo.net
11 gocm.c.appier.net 11 redirects
10 mug.criteo.com
9 s0.2mdn.net reurl.cc
s0.2mdn.net
9 sync.aralego.com 2 redirects img.scupio.com
ads.aralego.com
8 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 rec.scupio.com 2 redirects img.scupio.com
code.jquery.com
7 prebid-asia.creativecdn.com img.scupio.com
cdn.holmesmind.com
7 prebid.scupio.com img.scupio.com
cdn.holmesmind.com
7 static.criteo.net cdn.holmesmind.com
img.scupio.com
static.criteo.net
7 ad.holmesmind.com cdn.holmesmind.com
img.scupio.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
6 cdn.aralego.net reurl.cc
ads.aralego.com
6 ccm.holmesmind.com reurl.cc
cdn.holmesmind.com
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
6 reurl.cc reurl.cc
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 ads.aralego.com 2 redirects ads.aralego.com
4 7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
reurl.cc
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
4 www.facebook.com reurl.cc
img.scupio.com
3 x.bidswitch.net 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com reurl.cc
s0.2mdn.net
3 de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net t.ssp.hinet.net
3 fcm.holmesmind.com cdn.holmesmind.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
2 googleads4.g.doubleclick.net reurl.cc
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 r.scoota.co 2 redirects
2 pm.w55c.net 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 token.rubiconproject.com eus.rubiconproject.com
2 code.jquery.com rec.scupio.com
2 secure-assets.rubiconproject.com 2 redirects
2 m.holmesmind.com cdn.holmesmind.com
2 hb.aralego.com img.scupio.com
2 ajax.googleapis.com img.scupio.com
2 connect.facebook.net reurl.cc
connect.facebook.net
2 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 cdn.jsdelivr.net reurl.cc
1 sync.targeting.unrulymedia.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 geo.yahoo.com reurl.cc
1 ads.yap.yahoo.com s.yimg.com
1 s.yimg.com ad.sitemaji.com
1 static.wixstatic.com reurl.cc
1 blog.alphaloan.co reurl.cc
1 img.racingcharger.tw reurl.cc
1 i0.wp.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 creditcards.com.tw reurl.cc
1 www.google.de reurl.cc
1 static.xx.fbcdn.net www.facebook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 storage.re-news.tw reurl.cc
0 sync.adaptv.advertising.com Failed googleads.g.doubleclick.net
387 80

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2022-07-24 -
2022-10-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
feebee.com.tw
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-16 -
2022-09-14		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2022-08-26 -
2022-11-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
tls.automattic.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-08 -
2022-12-08		 a year crt.sh
*.gbyhn.com.tw
E1		 2022-08-04 -
2022-11-02		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-06 -
2023-08-06		 a year crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-30 -
2022-10-27		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-05 -
2022-10-26		 2 months crt.sh
m.yap.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-05 -
2022-12-28		 6 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-12 -
2023-01-04		 6 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh

This page contains 63 frames:

Primary Page: https://reurl.cc/GE486v
Frame ID: CB660531EE6F7335A56680EE76BE5708
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 26074515B5B052075C10E6F4C88C6B8B
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: 20B2A69471161DE7E104B8CFF0FA0994
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: CFDC53A3D44D63A068B03FA3EE98012F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 20AC83708DBF03B41EC707C440BE8580
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: BD65D5301A3F92E9DC36D29C1C81044F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E18D6260F16E360F30D75C21601A157A
Requests: 22 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 820DD7A774F52CAB48735FF6AA8B9109
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 9E649D8D36A2C5D1EFA76279002F51AA
Requests: 15 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A5C19C740271DB1BE714F42F3704C962
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 5FD445E199880EE863E6A76104999965
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: D74A8B7B6274703E3C9E2B4C95D19315
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 076832DDEAF720AECA81876C122E5AA2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: FBC0FEC55AAD8E1BAB3A53BA77B80E87
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 5A1E5D80B705C18B1B15BB0EC92A6389
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: F38A20852E4605E2D1BE2C62CEDF1438
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 3ACA6406BA002D5C7738A4CD1ED5F4A7
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: E6A511162DB5733FC4B3200E125E4BC0
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 4DFEBCEF1C2F59AA871FE99B5FF22522
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 05A5599DE01D9E55E00C8E646B5DBFB6
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 9F04A9A8B8706C73F497C3FD5C52CFFB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B6E40362B9CBFC313EC49976D4382A9E
Requests: 20 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 3E3D24E486622B3AED0069FFC1645F77
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: B921DEEF392882C4EA4095E0F1D3984E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 4220EBBC2A6882C82CC3B6D0E2CEEDBE
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: A71C2CEDB2E9F2AEA0CF3C92DD592495
Requests: 14 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 1C57468580E2A337E99B3FFFCDAD09D2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: C1C76F9AE4FA72A003897AF048A75A76
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 114ACCA4728BC737320938CDB9EDD78C
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: EB35B309A777AFF5CCD19DE8C6D7F461
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: D4222487275806ED5F1E79F839DB156C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 3F0229B0DFFA1FF58950C45EEE9B018B
Requests: 5 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: FAA4B8F8923DF57757830F04A912BD02
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Frame ID: DA98AB610F460DB7C43AE2E385B2CC89
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: E3FD531CB28F70F94AC81F5C23AE0642
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: A05E515A7AE181C85D4EEF6AB2C81302
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Frame ID: F64E12B6DD4834C00B6779F4EFF52E96
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 0D44922D192BF8D26127E3585E9A0AB4
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: FFD94799DDF5808895E81B34C292EA6D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 86EEC312AE22810103D0E28F830C60EC
Requests: 5 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: E7BF798E24B21EC9538789387BC4DDFF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 274709FF03D1EA3C58B9199F04E6CE14
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 58AD03FE6841DB0AEE9D441418ED29F5
Requests: 9 HTTP requests in this frame

Frame: https://bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: E0D751173429844CB9DBDCC527E213E5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CD6FC7938E0E1EAC23EDF5B9DBD67561
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Frame ID: E4AAFCB601077B60711343E0E633F296
Requests: 9 HTTP requests in this frame

Frame: https://6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 8BD3418B6AF741DE67B7B9D95365DBA1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 142F7E85A3CD505844FD1FC4B469DE06
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AAA0E46AE64612E1758A969F4311449
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25FCA913C8C3C0E57297BAC04F92826F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C936B07AB7404B4C5032F39DF3116BDA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 877CC8A0DE8229D700F0575B52DD1C21
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Frame ID: 581AE69142F9EFA0668E968E96DB48D1
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Frame ID: 9778CCABE35C4F468895394E293932F0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5767BF8BD05076C988E55AE3F7E351A4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Frame ID: 85CD8285AA2CF329CFE505F387A3610D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9702CBE15FB90D68C5E49F5E7B3916B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 988B3D21E1EDBDC75F136E0EC9430A7F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 047C3FF0F76170570E32078E6C811CC1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83D823EAC642B7BA441EEE8646217898
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Frame ID: DD31130B6DD401E0BB70AFE036F2F976
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E16B1E4A95CF1024D97FA404FF1DB732
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92C6895FF8C8374A1D8C20C2E25D74F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

387
Requests

89 %
HTTPS

43 %
IPv6

48
Domains

80
Subdomains

64
IPs

10
Countries

4400 kB
Transfer

8167 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QtOUZqazDc-KiS3y2LIXYw
Request Chain 68
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zy1IFj4ECLmW8HJJ2LIXYw
Request Chain 71
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 100
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Request Chain 101
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=4_rDaL19Ctqnowa52LIXYw
Request Chain 104
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=jZn_naOHDI-jERRm2LIXYw
Request Chain 105
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=l_F9pJuZC3SX_ajL2LIXYw
Request Chain 106
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tNDE6CmtAnSByzVb2LIXYw
Request Chain 115
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3IZoYXxqeWlRYXJnMVBtSlhua3IzMDFTQ0JFbUJRZlJMNllRT3VCRlBQMUlxdDJHV2R1M0NDTStQRGUxTytXdFQ0RzVxZm1KVHlrNkxHVTlOTlRidFVRZDlJOHhyNExaWlN3Q3JMcHRtUUM4MlJyQ1dNdHhJWEpsWUVqNmJ1OFpCZkx5WHExL0NpSDEzTDlpVTZ0ejMvTUp6WHhmVld1U2psZGROZEJQUE8waVNzek0rek0yeitJWTVSMGUram5NYmRxcHhUVFRvWGpLN2pDOERVZU9oNHp4NCtvc21PekY2K3NhRitHM1RRMDRDcXFnS09PVCtOd0tjNmlZRUljOGNEekRvK04vR2xDQzM4SjJ4MFVtbU11OS9Qdz09fA&cppv=2
Request Chain 117
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 120
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pBL5FV9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbG5KS0xKMWhjcVJKRkh5cnRGVlVMa3FiZ3czbWh6JTJGJTJGcmlrUkcwZXlFMGNIciUyQjhEcXZQVVBmaTNtQ3BHbXBwSlE4a1dYTUNqbXJaRHlGNGxxRG9leTVOanlTYUIlMkIwVXNwZDExWllibnNMdk9NcFprTUNFaENSUW0ybCUyRnB2OGlGZkElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=63XOLnxyeGdNVmlqOUttY1FoOVpQUUFLZm84dzhacTdLVmgrUjVLT3pVVG91bk45bVVxRTBWRXZNK3NtMWhGbTBIV0p4VVJCOTBoTXIzbzRUS0pBQm1WRi9WS3R0OW4rVEV6Vi9oQzJmZSt0c2dRZ0xaRlZTeExTZUlHVEIyU0hOa1NmZ3BWZlNoWWJJTXdoQTRRM3JMV1NWRGZ6eGlwOEI3WlBYU0ptUm1RTkYyTWpRZEV6S2hadzlTb1lLaVNqSXlqZ0JncG55VVFIUlFlemhMWFgvVHdIbWF3TWRLbVJBaUZHMmMzSG80K2xmeHArWURKZmJENG9pQ1F1SDVtbGM1UXlpd2o0cjVsRm1tY3hRZTlMTVd3K2ZWYnhaTkptNTlyaDVVcnVUNEk4SGxSMD18&cppv=2
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESENhKaxwTPi_xdLTVxCQiPiE&google_cver=1
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_tc= HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESEDh7LzbrxAZRoH2Ic7SOhaQ&google_cver=1
Request Chain 152
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Request Chain 153
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Request Chain 156
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 165
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=xYeLE19FNnhxbkVrNyUyRmU2aXViWTdRRGtTbHJRWDNrNCUyQkFRSHI0eVB2dFVQeGJuWlRFR1lNRzVoOGJ3VXJ4MVVSZ1BYWkhaN054MUdKS0JydkI4QXJwSTNtU243OU5PMUNBZWFkYUJrUGVUQkV0ZyUyQiUyQkZIaHNHYnBRY1BMek9JTHBZeVRHV0UxVE5Dc3dYRE9vNVlST05VSGElMkJBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=upqPxnxvZGZFaEFNcldCbEdoSHZOa0pVeGcyYlU0L0syRWJUWkRLK0lQeDkyNHpYeVQ5azRZWXBNVFRnT3IyMTJDTW1qcGx0RGZvM1pPM2xFRHU4aC80YUY3RHdmOGpWZG91aFpBR2hYYnFTZjJhSG5MbzM1cGM2dHAvMGV0bU9vVXNnYWVtN2w5Q1IvZXJOTlo2K0tqN0lHcmxCN3A5RXJoeUNmb1crYmZSWlVWR25EZ2lRT1FJRkNUdUYwN1h3SlNkcmR4NnRXejNpZjFQaVBHYVViNWNCQSs4NVcwMUplZnVxTzJudzRSakk5dURXaFQ2ZzNzN3F5SXU4cW8yOTV1N0NzdzdTKy83U3Jad3ExZHJEY1JJUERJK3g2NjEwb2lZUDFKeEI0UlFUQ0h5az18&cppv=2
Request Chain 178
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dxOEa3w4Y01QVHlqRWZjM2laNXIwc1kyeFViaUNOclRoV214T1h3d1h2L0U3NWRPaDBVU1VnZFJqODBTaHY4ODh4RmtSRFV1TDZ1dHNBalRtRjAyM2VSMCsvMHlPSUQwK1lWRFNNbm5rQ0tjTUhFeFMvWmpVQjJJQUdBbkp3TGMxY0VTMmtnSjFXTVQvZzZiMzdnSFZsT1lSYWM1S2hPb1N4SEprSGwxUitsaEpHUzZndVNPbXVOS1M2YWNvUnhzV1Rwdk1XS0dlT3d3VXRUeTZjQUI1blBNRWx2UC9rZVNxcWs2Uk5CRlBCeVk5TGVCQ21tK2NYQUwwTUlmOVZPOE04Q0VaRWNTY0kzTmlDYjFkMGlNcERuK08zUE9OcnFCd3ZMQnB1VUFEblRoWUM1ND18&cppv=2
Request Chain 188
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Request Chain 189
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Request Chain 194
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=wzecsV9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbG9RaUR4OVRVa0JiZno4ZGdtb3pqb0tURTJlSXJ4ajRPdzZ5clVqVGxiYjlJQ09NTHVQZCUyRktHNU9aNFVyNGYweW9qcU1veXNsODZ5QTdUZ3NCcGNjTjAlMkZLd1dPdmQ3RFFqMlJFbVlWUkl4aSUyRlFkVjFWQWVKcmFYTmpRJTJGNENUSEd3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=290DDnxkM2pMNGNBMElGc0NjUkZ0alhXRE5KNUxrYURoNDBiclZ0dzBkNzRkVm5FUmFCS1IxM3BCSWdZOUM5OElZZ1N5MmF2Z0xjc2trZjdwbjdOVXl4VVNwSW82b1pCdUx0YnFybmZiVzcwWnNqRkhGYXBoSmJqU1dWbyt0bFN4YWwza01NUmEwdGdUcEMwT0MxTW9jdjFINVl1c1BZZUE4c2xmazVQeFlsOUozeVJVb0ZuNkxuM2x0c1dyU0p4RURpVkFDM28yWWVKQ2FhTXRWOFpxYU44OGhMSzBEOUxWdlozdXJvV0MwZnRtMGt5OW01elJBdTRCekN4L1RhNkNTbHpjaU1FMGpGVVZmMlpWVmY1dVo0Q3EyTXloQ29oMkEzV0syUUNycGlBUGtDaz18&cppv=2
Request Chain 202
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=reurl.cc&bundle=bsqQKl9LMDhYOEhDQTlBbGNTc0d3ZmczSUlaR0dCYmRZWmVaRnZNbmROa1gxYnJlWDJmeDlRMHFhdUR6RnRiRmVhTDhtUSUyRnNxd01WQW1wYjBPUVJwOHR2dVhDekpjMXFicmd2V3lxY1dHVXZhN0s0M3lSQ2FBT3VPTTJHTUFnMWZiakUlMkY3cSUyRnR1U09sanBaMlZaemZXTkRGWlElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_ypvbHxRZlh2NFBzRG81WWF5dS8xMVB0VUxHN2pxbXEvbk94a295Q21CSVdHV0JmeVdHNVo3YTl2SjJaTVZnUHJiNGltQmFGUms1UE5UakViRGc1aENhUGtlTXpIamJYVTN4ODFkeTdHVEtXMXdIN2Q5em0veTFHSGdyVW5jb1JSQ0RZai9NVEVnWmZxTUZYUjlYUGtkTmJoTFFSK0dEdjZxMnVraUhQdkNmZy9vTm96aFdRdERKeGtCaUxKUlg2bVIwMlNBKzFJN25qTEFHaDhINXhTbnVuOTNOK2xsQ3REdFhKemR4OXhXbDFjSWRtdlNrcG1xT3JoRkk2UlhzODh6WVlOM2NleVUxYVFUTDE2Mlprdmp2dzd3TjBoMUhwb04xY3dSVWZTcnJCejFaWT18&cppv=2
Request Chain 210
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjA5MDcwNDUxMzc2MzY3NTQ%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Request Chain 215
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 217
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA20220907045137636754 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=8de4e1a2-2192-37ed-93a8-c392c0edfd46
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjA5MDcwNDUxMzc0MDkwNjE%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Request Chain 221
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 223
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20220907045137409061 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/8de4e1a2-2192-37ed-93a8-c392c0edfd46?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Zi25OTZE2oWB3qyCg.embWUqMFt86kmaoN0HrTU-~A&redirect=
Request Chain 230
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 316
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 320
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=qOu50HwrbElHRkwzNEsyeDluUU85R3dGK3N0SUJJUmRQTGN0S1RVZm5qeFA1WTFYVWI4eTFERkVnR1J3UGl3aVRHSFB2b0VuRy9CbWtUanhQVUJ5TUhWc0RZWVQxRjRiYmhNb1hEUFpRS1cwS2NydmovaWZhWE1GdEFFOUpkS0tVVit1MWt2WGRrWkpxWnRXQk9Vams0VFJHQ0VpdC80OTZpQUh0VURsSXo4cUhNcjlSMW15OVdIcDJxUERkOVJ0NnNPZlR1eFd2SEZxQjZnQkpCa1BHWklZcElWQlJPdTUyY1UxNjkxUnVmaEVlM0g1bi9HWmkyMkFEMzhCcFNnbzAzR2xyYzF0K0VwVDZQSEJOM3dlZnI0a3NIZDg2eVRoNCtzWktRZVJ2cDUwOTI3dz18&cppv=2
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1&C=1
Request Chain 336
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxey29Ntd9GLIEshl8lTfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDzRCQG992ZctmbfGBu3zCc&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDzRCQG992ZctmbfGBu3zCc%26google_cver%3D1
Request Chain 338
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3ODc1Njg5NTk3NDIwMDIzNw%3D%3D
Request Chain 347
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yCOFN3xtWkhzaVNaa2Z1QnBLSDh6YVU5SFZOdnZkc1hmemYxbngyVTdydjVFTEN3QjdKUjVBNVBVU0dGWHV0akFvSFZUaUlKcjA0MVpEOG1PTzhaNWtXcmc3VWxHSzlWRjdCczc0M0lHOXlWTU9uWDBOWTh3Y21lKzlZeVBlOW92NFdxSVlWK1phZTdjM2RFNEEyeEVndDVPdEtBNFZaSGxkenoxbE5idjVQZ3VDTzRvRFo5d0p5OGRtaVREZEFMclJ0OGF1Q1pPQ0t3eXpFSzJrTGJUMktUZG1ZeVVBVmMvOTVCN0xEeXZiNWpLVEtYcTFUSXRNMWoxVUJteUhBUGlTSUJKckk1VXZJdUFLK0dvZEdjTGRvSm8zTklqdjNYL3p3a0E5Z0IwU2NXZWI0Yz18&cppv=2
Request Chain 352
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV58rxq1rEZ2DMjrQKC-NBuZxXATGmEcrnK181EZHJi2UvOw5MJl1Js2A HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV58rxq1rEZ2DMjrQKC-NBuZxXATGmEcrnK181EZHJi2UvOw5MJl1Js2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVQ4TUl4eE8xT3ZGeE41&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV58rxq1rEZ2DMjrQKC-NBuZxXATGmEcrnK181EZHJi2UvOw5MJl1Js2A
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEOtgHUO_xDnJrPdkA_C5PQ&google_cver=1&google_push=AehlK4BeZ6dc_iSvfURNVkt2gLAEPYQhi7EfAP0aTlFBTrC19-tP9yIESZdKo8lYy-_LqeZO8_B7Rxusf6Yz_cNfaKo3nwanibPXaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEOtgHUO_xDnJrPdkA_C5PQ&google_push=AehlK4BeZ6dc_iSvfURNVkt2gLAEPYQhi7EfAP0aTlFBTrC19-tP9yIESZdKo8lYy-_LqeZO8_B7Rxusf6Yz_cNfaKo3nwanibPXaQ
Request Chain 354
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAi8bopQFy3dsBF0E5X0arU&google_cver=1&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAi8bopQFy3dsBF0E5X0arU&google_cver=1&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4252b6eb-3095-401e-91d9-5c741c054eaa&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT&google_hm=VL65KmVmQrGUKKpOZsCvDg==
Request Chain 356
  • https://match.360yield.com/match/ebda?google_gid=CAESEIsbyo4b52uu9GdWFGER7ro&google_cver=1&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cgu8PYuw3A HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIsbyo4b52uu9GdWFGER7ro&google_cver=1&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cgu8PYuw3A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oKT-yjiGT2yO0C9SERVApg&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cgu8PYuw3A
Request Chain 357
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKvVHN-3BvUfNjI_ldPOR9A&google_cver=1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1662497499720 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-66ff9461-a101-4ec0-88d6-632e8dd510e1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA%26google_hm%3DA2b_lGGhAU7AiNZjLo3VEOE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&google_hm=A2b_lGGhAU7AiNZjLo3VEOE
Request Chain 358
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPanpw9HiP6PWnSbFjKkNAg&google_cver=1&google_push=AehlK4C2T9aOwf65yfDDYeseaUG0YmLeCWuJRiE1KdWWHv7fV7vRZKcBZXw9Ohd23XI4zInmPFquDgSryyAOHqHrgyocjFICstdxMFI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4C2T9aOwf65yfDDYeseaUG0YmLeCWuJRiE1KdWWHv7fV7vRZKcBZXw9Ohd23XI4zInmPFquDgSryyAOHqHrgyocjFICstdxMFI HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

387 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request GE486v
reurl.cc/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e5d7cf8170dfa0e5b3c496b63c8225c9249a8424df4ad728377e5d5b4fef28e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:34 GMT
server
nginx/1.18.0 (Ubuntu)
target
http://3k1.ru/y77fs
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7939228
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23235
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
x-served-by
cache-fra19136-FRA, cache-mxp6936-MXP
x-jsd-version-type
version
date
Tue, 06 Sep 2022 20:51:34 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
reurl.cc/stylesheets/rwd/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e54e601faee15c866fc80659f34bf9b78048d72901b77795bb0109d4fdabccf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/GE486v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 09:47:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62e109b2-dae"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Wed, 06 Sep 2023 20:51:34 GMT
pixel.js
reurl.cc/javascripts/ 		470 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/GE486v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-1d6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 06 Sep 2023 20:51:34 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:10:17 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
13277
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Wed, 07 Sep 2022 17:10:17 GMT
ad.js
img.scupio.com/js/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:48:04 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 01:25:49 GMT
server
nginx/1.12.1
age
212
etag
W/"630d671d-12f90"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
tnYYmVNG-FiMHD0x2I3XWs6E-YvBh-R-gNEQV02OCXE8W5uwpU3CaQ==
expires
Tue, 06 Sep 2022 21:03:02 GMT
init.js
cdn.holmesmind.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
50
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:46 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
GtoVmpjNq0viEY7ToCK1AKEbQL45thvprCbCgjLRcL4lhbQhz8LBTg==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1284854
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31634
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
x-served-by
cache-fra19128-FRA, cache-mxp6936-MXP
x-jsd-version-type
version
date
Tue, 06 Sep 2022 20:51:34 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
reurl.cc/javascripts/ 		698 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/GE486v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 00:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62731c89-2ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 06 Sep 2023 20:51:34 GMT
loading.js
reurl.cc/javascripts/ 		240 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/GE486v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 17:07:38 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61100f5a-f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 06 Sep 2023 20:51:34 GMT
ga2.js
reurl.cc/javascripts/ 		618 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/GE486v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 12:16:16 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"623c6110-26a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 06 Sep 2023 20:51:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
MY3sJJhcmm4qcbgCBCY8l9xb17PtNb0ZVEsknLnWXzEZLjM0IcUZ2RCv6FHAUv+aJdsBBiRZXxmaihUdowyeuQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 20:51:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 2607 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a024558c7bd1977df1d60ed18f624953f4e8c7fc936152980c1afa4346d80faa
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 06 Sep 2022 20:51:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
5n9NqeJvSP0KWUqAVMSKg7xLevlTivW4VF9BDGFgLZCIAtI5VQtwum6Q2o1Pz4upUBsOD+cCfcugQS6I9HEFlw==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
12bc83cd3d7f1a3dc4371c98bc05d1daaee800370ad2e9219afa7d41550d2de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
via
1.1 google
etag
W/"15d2-7nHNpw0dw+8dC3i3q5RtnZlCk+Q"
x-powered-by
Express
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5586
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5736
date
Tue, 06 Sep 2022 19:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 06 Sep 2022 21:15:58 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame 20B2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
br
last-modified
Thu, 29 Aug 2019 10:21:02 GMT
server
nginx/1.12.1 (Ubuntu)
etag
W/"5d67a70e-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Sep 2022 20:51:35 GMT
1675200226052423
connect.facebook.net/signals/config/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c54d1bc2012f4e16384ff0386b7e4970ea049f5e78ac9a7f08c47ceaab26214
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7242
x-xss-protection
0
pragma
public
x-fb-debug
iLiAA+DuWH6mNTOoHr4fNdBnfL3qvn7rJH1vT7dGbS50WDLi9BEfv1cSu+4ZeHnL5V9Ip9SXA/3I0xNM6xaMxg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 20:51:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame CFDC 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
4730
content-type
text/html
date
Tue, 06 Sep 2022 20:51:36 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
5hiqx5OY2bphZOnzIVIPo2EC8goH_kXtnbh3uLubcDxpB6axW-m9Nw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
34
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:04 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
JJype0K-in1jAsLUgH16H5y1IPTDZCevVhmZhFuTwz7TweV1_VSj2A==
presetfn.js
cdn.holmesmind.com/js/ Frame 20AC 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
40
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:56 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
0UaWYSLdf8IcSn6VZCM-ldsbL_c65Wig_cq6dZAZJRO-kPQIJ4THlQ==
presetfn.js
cdn.holmesmind.com/js/ Frame BD65 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
40
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:56 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
LgICI0jcz4GfTUa2izzIXN-5WMtrItijxcmmLkGdI0vgpgOZ7kgr0Q==
presetfn.js
cdn.holmesmind.com/js/ Frame E18D 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
40
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:56 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
8FeTFNEZ52KzsQh_DSMzFTR3bWA2j8ApzY7K9HzhU9Ww2R3W4-fzog==
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FGE486v&rl=&if=false&ts=1662497494927&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=28&fbp=fb.1.1662497494926.719615353&it=1662497494895&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 06 Sep 2022 20:51:34 GMT
17229.json
img.scupio.com/js/config/ 		461 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9478e704767afc0805e5a7d79aec5a4a1d5a2279d3a3418f885b42e234284d8d

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:49:02 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
age
151
x-cache
Hit from cloudfront
content-length
461
last-modified
Tue, 06 Sep 2022 02:20:45 GMT
server
nginx/1.12.1
etag
"6316ae7d-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
i9gtBa_DQy3KUDuwwQ_srPimf5GSh3_yVaqbDbSHVjyEk-6TdRlgmA==
expires
Tue, 06 Sep 2022 23:49:02 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.040564874110887494
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:35 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame 820D 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1565
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:25:57 GMT
etag
W/"62fdf772-14d93"
expires
Thu, 06 Oct 2022 20:25:29 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
Y6kw1XxSvPMJrtuunkOHVL83L_N6lFvK8F0A-ogLLsJuj01WF-WY5w==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7e3aebdf717e37cc765a6f4404cde0d200e7b8f62d4e0c9922a318b544979bf5

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 02:20:45 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA2-C1
etag
"6316ae7d-1cd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
ULK4Dutrshz5GRF9-e7PqpKU1QPdOg5-0ZtSLOB_LPG2VmgvdOFEwQ==
expires
Tue, 06 Sep 2022 23:51:35 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.023178641871232974
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:35 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
ad.html
img.scupio.com/html/ Frame 9E64 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1565
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:25:57 GMT
etag
W/"62fdf772-14d93"
expires
Thu, 06 Oct 2022 20:25:29 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
agKTNQmYjVVy20q7i283zddABoM7ohQJ_dCCMsjK7hVKfkJ0viUfSw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=909009509&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FGE486v&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2133587707&gjid=1022718187&cid=930838179.1662497495&tid=UA-102456694-1&_gid=864080584.1662497495&_r=1&_slc=1&z=1592917026
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=909009509&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FGE486v&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MjE3LjY0LjE1MS4zMQ&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=930838179.1662497495&tid=UA-102456694-1&_gid=864080584.1662497495&z=1682852874
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 03:43:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 20AC 		756 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:49:03 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
152
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
pwipu3vG3Ay0Umfqp3Zv50fZrWuuGreCmHfFXqXbP_Lg9V5zmGdhuQ==
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame BD65 		575 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:49:03 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
152
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Ycaog1zoLRHWhkHl4iMjSHB2sfqvflwrl65VruL2LyQ5w9ojlm5NOw==
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
Preset.js
adcdn.holmesmind.com/adserver/ Frame E18D 		760 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:49:03 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
152
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
E349A8h4EHwMlBJXAZOk23fdtztjeUWQ9yNyZCTlKC_ChFIQjqm9nA==
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 820D 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 04:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 04:26:49 GMT
prebid.js
img.scupio.com/js/ Frame 820D 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:47:56 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
299
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
4ctWAA7ouyLnTEBxe3ATBPRUePEbwh-u3B151Z0rMgvN3ZmQ4f7Njw==
expires
Thu, 06 Oct 2022 20:46:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9E64 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 04:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 04:26:49 GMT
prebid.js
img.scupio.com/js/ Frame 9E64 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:47:56 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
age
299
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
s2JGY2aLMeVW6ZgpbB4zJBcvO7HOTa77SHkNw_8yYWWxud97RRIMUQ==
expires
Thu, 06 Oct 2022 20:46:35 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=930838179.1662497495&jid=2133587707&gjid=1022718187&_gid=864080584.1662497495&_u=IEBAAEAAAAAAAC~&z=8646535
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Sep 2022 20:51:35 GMT
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
FkQjqY8x90V.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 2607 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/FkQjqY8x90V.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vjh0jDgDzAEgEL+5WMIAaQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5034
x-fb-rlafr
0
x-fb-debug
8BvWmbySLMucwP4SWUcN6whfhrjw7onG+aHdGWtX1uAjr0ETCFLlA3XXGS+77gpOmWP202hk8fkccT9D2VVIHA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 05 Sep 2023 19:44:39 GMT
ads.js
ad.holmesmind.com/adserver/ Frame BD65 		2 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=307&o=1&d=1&b=2&ts=1&ii=3&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5b098d2faca0251b7f5131e05fcb412642b2c459a71885a7dce3561a7bccdd3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BD65 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
2773
x-amz-cf-id
SbgYcUyarL6itkc7Y0E9fWYCXvFzKcpktaBTEH3qF4n1xXCbfiznSw==
appierV2.js
cdn.holmesmind.com/js/ Frame BD65 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"548ed610a8571343fb3022f543174735"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
3177
x-amz-cf-id
z_7t4sAh5XxcGEb3BVvek4dl3rGi7Cd2dLcV5dPLN3MBNyHTdQKFkg==
ads.js
ad.holmesmind.com/adserver/ Frame E18D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=384&o=1&d=1&b=2&ts=1&ii=3&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60ea373057de7520f017d7ced2dce303747cf717e76b8594a05ed26428f144fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E18D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
2773
x-amz-cf-id
rfJdhl9ulBf4Av_6r1B3gD55qafCXw1RPzcHCHAzOctIayeWSfDA4w==
publishertag.js
static.criteo.net/js/ld/ Frame E18D 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:12 GMT
server
nginx
etag
W/"63041db4-1ddab"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:35 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E18D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
2443
x-amz-cf-id
hysDc-E8e1h9WDGG3ppi2q05AhoeirdYZoYy57sY4N-o45cBpiL17w==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E18D 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
43
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
VOsb9amgetQdeRIKtbw7vB0gyXQI01Nhj7UEZiYJDMa31W-GMWyiEQ==
appierV2.js
cdn.holmesmind.com/js/ Frame E18D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
3177
x-amz-cf-id
t_obp13tqDOtY_KIIGLga9fIFkuBx9C54T9IcmMhij2r92jobZyc1A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E18D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
54
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
jepYkRKhEfBUnXTKTyGNfZ1zjSSSkYbOFHOzdhLuZgaEQFyaHqgzcw==
ads.js
ad.holmesmind.com/adserver/ Frame 20AC 		0
215 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=186&o=1&d=1&b=2&ts=1&ii=3&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 20AC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
accept-ranges
bytes
content-length
2773
x-amz-cf-id
EKlU21CnYWJ03hcKc1EeV9RGLifuqNs9W0VhK_0QfWS3FEgwEHehQg==
publishertag.js
static.criteo.net/js/ld/ Frame 20AC 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:12 GMT
server
nginx
etag
W/"63041db4-1ddab"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:35 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 20AC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
accept-ranges
bytes
content-length
2443
x-amz-cf-id
FdKz4Zs1pA8J3zolgc9Xxfy-9cm1e_b7L3_YDw6EJgr9hv8AuCludg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 20AC 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
43
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
FMay-DoZk7dNmtHYidBLv9_hzsWO-XLuPr6YVvJ4FLJthMX28q2L8A==
appierV2.js
cdn.holmesmind.com/js/ Frame 20AC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
accept-ranges
bytes
content-length
3177
x-amz-cf-id
OKPUZp-4UVVcfuQK_8c02aUkPfm33_oDuHYpeNSJ2RZgWeX1szWx-Q==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 20AC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
54
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
P-TBB7gYZnweZwrZ5v1fkOwNebNQwSPesHwH520LKaNlqAxIKlzQFg==
currency.json
img.scupio.com/js/config/ Frame 820D 		108 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Sep 2022 20:47:18 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 19:15:04 GMT
server
nginx/1.12.1
age
257
etag
"63179c38-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
-KaQuSczGkTM899viLTkvDz2FbhsSOFC8vSPzI2P702BVxiGz990jw==
expires
Tue, 06 Sep 2022 23:47:18 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=930838179.1662497495&jid=2133587707&_u=IEBAAEAAAAAAAC~&z=1734214070
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=930838179.1662497495&jid=2133587707&_u=IEBAAEAAAAAAAC~&z=1734214070
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid.json
ad.holmesmind.com/adserver/ Frame 820D 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1662497495078&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cdb
bidder.criteo.com/ Frame 820D 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=49275162627
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.aspx
prebid.scupio.com/recweb/ Frame 820D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.055891796441398967
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ddb8f85acace4268d38d131835f214f5fdc9b5ee04d86a3c576cb70547219212

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Sep 2022 20:51:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1431
header
hb.aralego.com/ Frame 820D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=27db2806-7ece-46ff-bbed-4b6cabdd9993&u=https%3A%2F%2Freurl.cc%2FGE486v&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=31e7324e-f18c-4054-8f07-bd013ffb8239&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
access-control-allow-credentials
true
connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 820D 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 20AC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9376088451451843
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9bcd2276fce67d340eba6667763be3692e175bc864d2b001e30ea00c89cbe603

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1333
prebid.aspx
prebid.scupio.com/recweb/ Frame 20AC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.007154832056624594
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d5ecde7dcf3a9d9507633562104fd12ce7087d4aa29c6e2e09ea16a4ebddf5a3

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1368
prebid.aspx
prebid.scupio.com/recweb/ Frame E18D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8325266329743837
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cd302d50a31d96d73822050f4184baf2fe93e0e38d0fd2f4f4783ed6dc33c0a2

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1364
bid
ad2.apx.appier.net/v1/prebid/ Frame 20AC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=QtOUZqazDc-KiS3y2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=QtOUZqazDc-KiS3y2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=QtOUZqazDc-KiS3y2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E18D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zy1IFj4ECLmW8HJJ2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zy1IFj4ECLmW8HJJ2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zy1IFj4ECLmW8HJJ2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cm.php
fcm.holmesmind.com/ Frame A5C1 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:35 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame CFDC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:35 GMT
cm
c.holmesmind.com/ Frame CFDC
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Tue, 06 Sep 2022 20:51:35 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
%E5%B1%88%E8%87%A3%E6%B0%8F%E3%80%81%E5%BA%B7%E6%98%AF%E7%BE%8E%E3%80%81Tomods-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4%E8%88%87%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%...
creditcards.com.tw/wp-content/uploads/2022/09/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/09/%E5%B1%88%E8%87%A3%E6%B0%8F%E3%80%81%E5%BA%B7%E6%98%AF%E7%BE%8E%E3%80%81Tomods-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4%E8%88%87%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ac91914ff217a1e51a8db3171a0f689fd3577d72a5e926b9179b90a694355b87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
x-ac
2.hhn _atomic_ams
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-length
47128
x-nc
HIT bur 7
last-modified
Tue, 06 Sep 2022 05:59:59 GMT
server
nginx
etag
"bc6c30d6275666c5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Thu, 05 Sep 2024 17:59:59 GMT
MIR4_Logo.jpg
mma.prnasia.com/media2/1848100/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1848100/MIR4_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fd04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d106b52be51cceb76c964d7b72f98a4e57ecfa07e6c47377adf2e3816c5d94b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
cf-cache-status
HIT
age
54164
x-powered-by
ASP.NET
server-timing
intid;desc=8f134a4b5fffbd1b
content-length
17691
last-modified
Tue, 06 Sep 2022 05:48:16 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 06 Sep 2022 05:48:17 GMT
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
746a15617f500229-ZRH
access-control-allow-headers
Content-Type
cf-bgj
h2pri
1662422021-f3209ebff21994087b494235b19bf911-840x525.jpg
img.gbyhn.com.tw/2022/09/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/09/1662422021-f3209ebff21994087b494235b19bf911-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef589598a2e7f53b2d64dabea0957822a6ee33e921023cafb6b6bd78ff125074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29439
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117413
last-modified
Mon, 05 Sep 2022 23:53:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYr8hX81D4B38EjTr5LPMcplbO8nor3LHVcMbGSM2V%2BZHmJGzZbc%2BV2mf%2FfAGlZheDA9KuZj9L0DIBhUvpgtra90ff%2Bqov4TiPEfY7ZYhRTV%2BqMYZIPSnpi6lAcIMfUilmSZ%2F0syvyyDiwXSwNaa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
746a15619e4f83b8-MXP
expires
Mon, 12 Sep 2022 23:56:25 GMT
Picture1.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/08/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/08/Picture1.jpg?fit=554%2C322&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2dc59097a75277176a58499dc9c118020ec37976f392b96a76704ed444fa2396
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 06 Sep 2022 20:51:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Sep 2022 10:13:33 GMT
server
nginx
etag
"d5ca0b30c42846af"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/08/Picture1.jpg>; rel="canonical"
content-length
21854
expires
Wed, 04 Sep 2024 22:13:33 GMT
2022090113263354.jpg
img.racingcharger.tw/wp-content/uploads/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022090113263354.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909b56c47451ef73e3685930dacaf27a007e65b1ab2e46bf2fafa2f8766007cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 01 Sep 2022 13:26:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOjiahrVlgcq9w6psMH8vm1Xq76bjLPmeb2cE%2BN0%2BoUgY0EYKRJvAKVKEJ2kzaf13g8WuSlTsbXg8151y093EMClnDyEuNng2jwZEjlFMaRj7i%2Fq7RcUyNb9xzEghSDkNXvsho2ilZYQIrvx%2B3DMRMclGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
746a15617f9fba92-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
145772
%E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg
blog.alphaloan.co/wp-content/uploads/2022/09/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/09/%E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
x-ac
2.hhn _atomic_ams
last-modified
Thu, 01 Sep 2022 07:11:29 GMT
server
nginx
etag
"63105b21-25a43"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
154179
expires
Tue, 13 Sep 2022 20:51:35 GMT
file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-spanid
6633f5ec6cd397ca
via
1.1 google
server
openresty/1.21.4.1
age
2154326
etag
""
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
date
Fri, 12 Aug 2022 22:26:09 GMT
content-length
1235774
x-traceid
01ce89273cc7385b5327b9fb463f52cf
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer
2DH5SVexEf0iAf4VecFZS1sSFWc
x-seen-by
image-manipulator-556498cf55-s7px4
native.js
s.yimg.com/dy/ads/ Frame 20B2 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
GAZNE2XADJ5C2ER0
x-amz-id-2
fohsX02svWySkmchySBNQVQPEmhWXC4FLAsmZN6lyVy8qlVOuuEKJZ8NjEnjxlZ5d22ASMclPFc=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=600
accept-ranges
bytes
landing.php
fp.holmesmind.com/ Frame 5FD4 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:35 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame BD65 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:35 GMT
landing.php
fp.holmesmind.com/ Frame D74A 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:35 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame E18D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:35 GMT
landing.php
fp.holmesmind.com/ Frame 0768 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:35 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 20AC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:35 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 20B2 		290 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FGE486v&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
media-router-flurry71.prod.media.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
b
geo.yahoo.com/ Frame 20B2 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:35 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-type
image/gif
content-length
43
currency.json
img.scupio.com/js/config/ Frame 9E64 		108 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Sep 2022 20:47:18 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 19:15:04 GMT
server
nginx/1.12.1
age
257
etag
"63179c38-6c"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
6RfjG-gklRZwsdEZFnXYvr3tv65eFPWqX9VPqIjPYiS47ajymAlbbQ==
expires
Tue, 06 Sep 2022 23:47:18 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame 9E64 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4655991811779834
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
57d3da37e04b89af517579e92611c9445d0022c73efe375a2742935cdcd0bfcd

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1362
cdb
bidder.criteo.com/ Frame 9E64 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=63812589398
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Sep 2022 20:51:34 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
header
hb.aralego.com/ Frame 9E64 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=27db2806-7ece-46ff-bbed-4b6cabdd9993&u=https%3A%2F%2Freurl.cc%2FGE486v&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=e0529ca3-6046-4b1e-bfd8-26fbade0be0f&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
access-control-allow-credentials
true
connection
close
prebid.json
ad.holmesmind.com/adserver/ Frame 9E64 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1662497495085&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9E64 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 06 Sep 2022 20:51:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
drawV2.js
cdn.holmesmind.com/js/ Frame E18D 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=384&o=1&d=1&b=2&ts=1&ii=3&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
49
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
BdK_JHh1SrLybShhvbFc66CDcXjz-MsmbdVWyWJQYqAXNFDXEeaWYg==
drawV2.js
cdn.holmesmind.com/js/ Frame BD65 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=307&o=1&d=1&b=2&ts=1&ii=3&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
49
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
krTDVVcgE-15ivI0Msj3gsFjc2WR7sUvQpblrr4sGq1mY0--IaObaQ==
cdb
bidder.criteo.com/ Frame E18D 		177 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=94055385793
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4d73e8a3460f7d0a6d772cdc0f0d81d551bc98576ea5a8535061eec0935ee83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
161
cdb
bidder.criteo.com/ Frame 20AC 		177 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=27325465569
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a2e7649b6955bf22325434e8e7fb7ff7211f836d4976197e80f9056b06fdc3b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame 20AC 		177 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=26380178138
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a35963001f061ff61a2eab6be76cd002f4f6db8e717dc8d61d38a6030546ce9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E18D 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:36 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame E18D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E18D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=4_rDaL19Ctqnowa52LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=4_rDaL19Ctqnowa52LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=4_rDaL19Ctqnowa52LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BD65 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:36 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 20AC 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:36 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 20AC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=jZn_naOHDI-jERRm2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=jZn_naOHDI-jERRm2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=jZn_naOHDI-jERRm2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 20AC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=l_F9pJuZC3SX_ajL2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=l_F9pJuZC3SX_ajL2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=l_F9pJuZC3SX_ajL2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 20AC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=tNDE6CmtAnSByzVb2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=tNDE6CmtAnSByzVb2LIXYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=tNDE6CmtAnSByzVb2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
events
bidder.criteo.com/csm/ Frame 20AC 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame E18D 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 20AC 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
t.ssp.hinet.net/ Frame CFDC 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e1aa64b0abcf314497e4152fe273728e6a0d02c2f1ca0849aba06368b87bfe10
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame BD65 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
3ec6c20917b275ab192bd889c6c20ac80560ac6331e5bde1ce23aedb3bc8deea
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 20AC 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
228ed27c5709ded3a4ee236927e9fd6db15dec2f0f2509b77cba799107daa65b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame E18D 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
0d4a348c4e97036c8b30dcc76ceed47e8726f12945e2ceef545440f01cdd7685
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
syncframe
gum.criteo.com/ Frame FBC0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:35 GMT
server
Kestrel
server-processing-duration-in-ticks
1020326
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame FBC0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=3IZoYXxqeWlRYXJnMVBtSlhua3IzMDFTQ0JFbUJRZlJMNllRT3VCRlBQMUlxdDJHV2R1M0NDTStQRGUxTytXdFQ0RzVxZm1KVHlrNkxHVTlOTlRidFVRZDlJOHhyNExaWlN3Q3JMcHRtUUM4MlJyQ1dNdHhJWEpsWUVqNm...
436 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3IZoYXxqeWlRYXJnMVBtSlhua3IzMDFTQ0JFbUJRZlJMNllRT3VCRlBQMUlxdDJHV2R1M0NDTStQRGUxTytXdFQ0RzVxZm1KVHlrNkxHVTlOTlRidFVRZDlJOHhyNExaWlN3Q3JMcHRtUUM4MlJyQ1dNdHhJWEpsWUVqNmJ1OFpCZkx5WHExL0NpSDEzTDlpVTZ0ejMvTUp6WHhmVld1U2psZGROZEJQUE8waVNzek0rek0yeitJWTVSMGUram5NYmRxcHhUVFRvWGpLN2pDOERVZU9oNHp4NCtvc21PekY2K3NhRitHM1RRMDRDcXFnS09PVCtOd0tjNmlZRUljOGNEekRvK04vR2xDQzM4SjJ4MFVtbU11OS9Qdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4063cb985703d3943b546ca69dbbc96ca18da2316dced5856d09c2b2f6bf3074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2270550
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=3IZoYXxqeWlRYXJnMVBtSlhua3IzMDFTQ0JFbUJRZlJMNllRT3VCRlBQMUlxdDJHV2R1M0NDTStQRGUxTytXdFQ0RzVxZm1KVHlrNkxHVTlOTlRidFVRZDlJOHhyNExaWlN3Q3JMcHRtUUM4MlJyQ1dNdHhJWEpsWUVqNmJ1OFpCZkx5WHExL0NpSDEzTDlpVTZ0ejMvTUp6WHhmVld1U2psZGROZEJQUE8waVNzek0rek0yeitJWTVSMGUram5NYmRxcHhUVFRvWGpLN2pDOERVZU9oNHp4NCtvc21PekY2K3NhRitHM1RRMDRDcXFnS09PVCtOd0tjNmlZRUljOGNEekRvK04vR2xDQzM4SjJ4MFVtbU11OS9Qdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
931891
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 5A1E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:35 GMT
server
Kestrel
server-processing-duration-in-ticks
1711628
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rec.js
img.scupio.com/js/ Frame F38A
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a7d1ad0006cf1950121ad6835c13ef6ed3a5bcb8ad583b3b072d5cd776bc83c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:48:03 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:22:11 GMT
server
nginx/1.12.1
age
228
etag
W/"62fb45a3-54c8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
AFz9JXSlTXkk6GAugQ_Ci6tcyZJ9wwZ19bw9kLqfVUpBDz6rxe4Z2w==
expires
Tue, 06 Sep 2022 23:47:49 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Tue, 06 Sep 2022 20:51:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 820D 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5823064928206638
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
91eb9adc2d04829e4360211349482a4294d872e051b8f4967a0a83d9b036aa2f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1611
truncated
/ Frame 820D 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
sid
mug.criteo.com/ Frame 5A1E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pBL5FV9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbG5KS0xKMWhjcVJKRkh5cnRGVlVMa3FiZ3czbWh6JTJGJT...
  • https://mug.criteo.com/sid?cpp=63XOLnxyeGdNVmlqOUttY1FoOVpQUUFLZm84dzhacTdLVmgrUjVLT3pVVG91bk45bVVxRTBWRXZNK3NtMWhGbTBIV0p4VVJCOTBoTXIzbzRUS0pBQm1WRi9WS3R0OW4rVEV6Vi9oQzJmZSt0c2dRZ0xaRlZTeExTZUlHVE...
433 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=63XOLnxyeGdNVmlqOUttY1FoOVpQUUFLZm84dzhacTdLVmgrUjVLT3pVVG91bk45bVVxRTBWRXZNK3NtMWhGbTBIV0p4VVJCOTBoTXIzbzRUS0pBQm1WRi9WS3R0OW4rVEV6Vi9oQzJmZSt0c2dRZ0xaRlZTeExTZUlHVEIyU0hOa1NmZ3BWZlNoWWJJTXdoQTRRM3JMV1NWRGZ6eGlwOEI3WlBYU0ptUm1RTkYyTWpRZEV6S2hadzlTb1lLaVNqSXlqZ0JncG55VVFIUlFlemhMWFgvVHdIbWF3TWRLbVJBaUZHMmMzSG80K2xmeHArWURKZmJENG9pQ1F1SDVtbGM1UXlpd2o0cjVsRm1tY3hRZTlMTVd3K2ZWYnhaTkptNTlyaDVVcnVUNEk4SGxSMD18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5b7ff1cab81b0c30a68b3e27f7720bcf2dd1956912d7a3b57addb32f71d9f393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1709484
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=63XOLnxyeGdNVmlqOUttY1FoOVpQUUFLZm84dzhacTdLVmgrUjVLT3pVVG91bk45bVVxRTBWRXZNK3NtMWhGbTBIV0p4VVJCOTBoTXIzbzRUS0pBQm1WRi9WS3R0OW4rVEV6Vi9oQzJmZSt0c2dRZ0xaRlZTeExTZUlHVEIyU0hOa1NmZ3BWZlNoWWJJTXdoQTRRM3JMV1NWRGZ6eGlwOEI3WlBYU0ptUm1RTkYyTWpRZEV6S2hadzlTb1lLaVNqSXlqZ0JncG55VVFIUlFlemhMWFgvVHdIbWF3TWRLbVJBaUZHMmMzSG80K2xmeHArWURKZmJENG9pQ1F1SDVtbGM1UXlpd2o0cjVsRm1tY3hRZTlMTVd3K2ZWYnhaTkptNTlyaDVVcnVUNEk4SGxSMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
483673
content-length
0
expires
0
emome2
t.ssp.hinet.net/ Frame 20AC 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame CFDC 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=7aef91b0-6f93-4a48-b250-8b1147cc34bd
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame BD65 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame E18D 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
init.js
cdn.holmesmind.com/js/ Frame 3ACA 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
52
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:46 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
lJv_AQeJAw56ur-Z-bowU3_5P_suD5hNO9lufjvbuK6KwSidx6u7Wg==
init.js
cdn.holmesmind.com/js/ Frame E6A5 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
age
52
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:46 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
B95eHInsFPfIS1Wh78IaQ1ZrpdiCB60HBJiBb0piqSchO09YOs3cgA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 4DFE 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
content-length
4730
content-type
text/html
date
Tue, 06 Sep 2022 20:51:36 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
lM3oWb5hjdyKU94qoXIy6AKY-zYbjLloatfrxN7D-fRx9qvx-03rAQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 3ACA 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
36
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:04 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
7PBPIWSzRF8k1ZGmL_f067eFfDgvneXsNkx8F7sbvDcsU2jI3fV6TA==
presetfn.js
cdn.holmesmind.com/js/ Frame 05A5 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
42
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:56 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
-6cNAh4OWa-QEWQUzzkBb1igj--433JyJcNeiyzNcZBfqDdyIX4kiw==
capmapping.htm
cdn.holmesmind.com/js/ Frame 9F04 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
content-length
4730
content-type
text/html
date
Tue, 06 Sep 2022 20:51:36 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
ZC6NxpB5Gs3Jh3oZgU1SqSDlGQOczuQuklJ6VQ34qSOKxWTEGffwBA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame E6A5 		662 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
36
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:04 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
662
x-amz-cf-id
5t1sft2DSH-Z1sYY0SL-a1vUmNtFmWSMHdj73GveTLHsjYNnco5qog==
presetfn.js
cdn.holmesmind.com/js/ Frame B6E4 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
age
42
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:50:56 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
9530
x-amz-cf-id
CHLAaQXI62UnZdmNIC7qvlA_KHCkjOFlSuY25RjBsxMJWPkJQR6MNg==
cm.php
fcm.holmesmind.com/ Frame 3E3D 		95 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 4DFE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:36 GMT
cm
c.holmesmind.com/ Frame 4DFE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 4DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESENhKaxwTPi_xdLTVxCQiPiE&google_cver=1
0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESENhKaxwTPi_xdLTVxCQiPiE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
x-guploader-uploadid
ADPycdu61u0kkzfc4GsT5x8sktpQXqB9qFQxJdWwmZBpguTWpLQX6dS7Q30wqW-oK9i-XKzfYLuNoM4UQqfyIryJORINCg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Tue, 06 Sep 2022 21:51:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESENhKaxwTPi_xdLTVxCQiPiE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 05A5 		1 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
zCjeRkKrlr4WvX-BxvwQ5BPzHXVJcgaB5rXZMVIMFJ5THvkWSxIbCw==
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame 9F04 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame B921 		95 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 9F04 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:36 GMT
google
m.holmesmind.com/ml/ Frame 9F04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESEDh7LzbrxAZRoH2Ic7SOhaQ&google_cver=1
0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESEDh7LzbrxAZRoH2Ic7SOhaQ&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
x-guploader-uploadid
ADPycdvqroZwHxgRlZfTbNUBwr6DZQOwrYuX0YBS-8UEbY9ukTL8q7p5AmEpdqjfKKHiaYa0ry3RnFjkuGkFUIqceWyeZw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1519198601160228
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Tue, 06 Sep 2022 21:51:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://m.holmesmind.com/ml/google?cf_uid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&uu_m=undefined&google_gid=CAESEDh7LzbrxAZRoH2Ic7SOhaQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame B6E4 		1 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:49:06 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
150
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Lm99icXshN7sYwBrCNYma1fmRluUXHMaGxp-vH_aapC0EwHaQ1Popg==
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
ads.js
ad.holmesmind.com/adserver/ Frame B6E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=856&o=1&d=1&b=2&ts=1&ii=2&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9abfda65b439af48631f96c926b8f3590e0bdff2fb81558867d0405bae19e344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B6E4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
cKuga88VzKotXg4W0KLkYmL20K5VGcPE-HxOcwHngnM7fsU0yE5WzA==
publishertag.js
static.criteo.net/js/ld/ Frame B6E4 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:12 GMT
server
nginx
etag
W/"63041db4-1ddab"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:36 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B6E4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
JRoWK97m7exDkk8RhpgdH3U8y62GqqFhVzAQjlTEFB-0HM3jaMbWRw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame B6E4 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
44
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
9Iy4B6_2Owagf4ULuDD0YefZ24ADONX4_grRTg3sBynOmoQ1dKb9Rg==
appierV2.js
cdn.holmesmind.com/js/ Frame B6E4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
rVcQR7x2ashTHYBcxVTinkeVYvS6eoGXNoJn-X0e3wtO6_FPcV1OJg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B6E4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
55
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
76yqA1UDlQfun-lIUNfv6fmGXVRN5v_Z13uyxCpJpNF8V27rqSrAGA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B6E4 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:36 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame B6E4 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7642484988805873
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
58198173ea6444feaeb64ef76fed8f3a45a0faf74a89bed485485aa64f916311

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1374
bid
ad2.apx.appier.net/v1/prebid/ Frame B6E4
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B6E4
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
syncframe
gum.criteo.com/ Frame 4220 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
server-processing-duration-in-ticks
4800279
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame B6E4 		187 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=184&bundle=xYeLE19FNnhxbkVrNyUyRmU2aXViWTdRRGtTbHJRWDNrNCUyQkFRSHI0eVB2dFVQeGJuWlRFR1lNRzVoOGJ3VXJ4MVVSZ1BYWkhaN054MUdKS0JydkI4QXJwSTNtU243OU5PMUNBZWFkYUJrUGVUQkV0ZyUyQiUyQkZIaHNHYnBRY1BMek9JTHBZeVRHV0UxVE5Dc3dYRE9vNVlST05VSGElMkJBJTNEJTNE&cb=88440848269
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9f1c30d3f3f0b2a418e6d3b735ab2a2a73ce6522b0c97a2c1cd8e67b247dc2f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 20:51:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
169
rec.js
img.scupio.com/js/ Frame A71C
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a7d1ad0006cf1950121ad6835c13ef6ed3a5bcb8ad583b3b072d5cd776bc83c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:48:03 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:22:11 GMT
server
nginx/1.12.1
age
228
etag
W/"62fb45a3-54c8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
bOTTY_r7Iu_1kRxULAUpG81Qgl-Zensku7FNLkWft-9BruoGeZKWOA==
expires
Tue, 06 Sep 2022 23:47:49 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Tue, 06 Sep 2022 20:51:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 9E64 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.430453216283053
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
078faf153830306b0fc86526dec3bbc456c3792f867934d952589b1e6120c79b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1475
truncated
/ Frame 9E64 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
cm
t.ssp.hinet.net/ Frame BD65 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&mp=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/ Frame BD65 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/pixel?bd=de70bd22-baeb-44a3-94bb-14cd46e17526&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/ Frame 20AC 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/pixel?bd=de70bd22-baeb-44a3-94bb-14cd46e17526&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 20AC 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&mp=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/ Frame E18D 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net/pixel?bd=de70bd22-baeb-44a3-94bb-14cd46e17526&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame E18D 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&mp=de70bd22-baeb-44a3-94bb-14cd46e17526
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sid
mug.criteo.com/ Frame 4220
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=xYeLE19FNnhxbkVrNyUyRmU2aXViWTdRRGtTbHJRWDNrNCUyQkFRSHI0eVB2dFVQeGJuWlRFR1lNRzVoOG...
  • https://mug.criteo.com/sid?cpp=upqPxnxvZGZFaEFNcldCbEdoSHZOa0pVeGcyYlU0L0syRWJUWkRLK0lQeDkyNHpYeVQ5azRZWXBNVFRnT3IyMTJDTW1qcGx0RGZvM1pPM2xFRHU4aC80YUY3RHdmOGpWZG91aFpBR2hYYnFTZjJhSG5MbzM1cGM2dHAvMG...
427 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=upqPxnxvZGZFaEFNcldCbEdoSHZOa0pVeGcyYlU0L0syRWJUWkRLK0lQeDkyNHpYeVQ5azRZWXBNVFRnT3IyMTJDTW1qcGx0RGZvM1pPM2xFRHU4aC80YUY3RHdmOGpWZG91aFpBR2hYYnFTZjJhSG5MbzM1cGM2dHAvMGV0bU9vVXNnYWVtN2w5Q1IvZXJOTlo2K0tqN0lHcmxCN3A5RXJoeUNmb1crYmZSWlVWR25EZ2lRT1FJRkNUdUYwN1h3SlNkcmR4NnRXejNpZjFQaVBHYVViNWNCQSs4NVcwMUplZnVxTzJudzRSakk5dURXaFQ2ZzNzN3F5SXU4cW8yOTV1N0NzdzdTKy83U3Jad3ExZHJEY1JJUERJK3g2NjEwb2lZUDFKeEI0UlFUQ0h5az18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
83c664de923e3404fa4d802e220c55463fa423844f07184528aab1b841766d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2278422
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=upqPxnxvZGZFaEFNcldCbEdoSHZOa0pVeGcyYlU0L0syRWJUWkRLK0lQeDkyNHpYeVQ5azRZWXBNVFRnT3IyMTJDTW1qcGx0RGZvM1pPM2xFRHU4aC80YUY3RHdmOGpWZG91aFpBR2hYYnFTZjJhSG5MbzM1cGM2dHAvMGV0bU9vVXNnYWVtN2w5Q1IvZXJOTlo2K0tqN0lHcmxCN3A5RXJoeUNmb1crYmZSWlVWR25EZ2lRT1FJRkNUdUYwN1h3SlNkcmR4NnRXejNpZjFQaVBHYVViNWNCQSs4NVcwMUplZnVxTzJudzRSakk5dURXaFQ2ZzNzN3F5SXU4cW8yOTV1N0NzdzdTKy83U3Jad3ExZHJEY1JJUERJK3g2NjEwb2lZUDFKeEI0UlFUQ0h5az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
743355
content-length
0
expires
0
events
bidder.criteo.com/csm/ Frame B6E4 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
landing.php
fp.holmesmind.com/ Frame 1C57 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:36 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame B6E4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:36 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 820D 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:36 GMT
syncframe
gum.criteo.com/ Frame C1C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
server-processing-duration-in-ticks
1414931
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 820D 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:08 GMT
server
nginx
etag
W/"63041db0-15cdc"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:36 GMT
/
t.ssp.hinet.net/ Frame 4DFE 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bc71a05215f54a1bb4a16508fb84ed84e31a97f7ac0a4fbf49ba9d023131f3c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
/
t.ssp.hinet.net/ Frame 9F04 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bc71a05215f54a1bb4a16508fb84ed84e31a97f7ac0a4fbf49ba9d023131f3c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
drawV2.js
cdn.holmesmind.com/js/ Frame B6E4 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=856&o=1&d=1&b=2&ts=1&ii=2&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
50
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
W5YqsbC9p_pYebjniur6duF9NZN0agIzaLdAN_1f6lXUl36CCoZlvg==
chtmp.php
ccm.holmesmind.com/ Frame E6A5 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52662%26Tags%3D2200%2C2198%2C2196%2C2188%2C2199%2C2197%2C2195%2C2187
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame E6A5 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52655%26Tags%3D2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame E6A5 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52661%26Tags%3D2003%2C2002
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame C1C7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=dxOEa3w4Y01QVHlqRWZjM2laNXIwc1kyeFViaUNOclRoV214T1h3d1h2L0U3NWRPaDBVU1VnZFJqODBTaHY4ODh4RmtSRFV1TDZ1dHNBalRtRjAyM2VSMCsvMHlPSUQwK1lWRFNNbm5rQ0tjTUhFeFMvWmpVQjJJQUdBbk...
420 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dxOEa3w4Y01QVHlqRWZjM2laNXIwc1kyeFViaUNOclRoV214T1h3d1h2L0U3NWRPaDBVU1VnZFJqODBTaHY4ODh4RmtSRFV1TDZ1dHNBalRtRjAyM2VSMCsvMHlPSUQwK1lWRFNNbm5rQ0tjTUhFeFMvWmpVQjJJQUdBbkp3TGMxY0VTMmtnSjFXTVQvZzZiMzdnSFZsT1lSYWM1S2hPb1N4SEprSGwxUitsaEpHUzZndVNPbXVOS1M2YWNvUnhzV1Rwdk1XS0dlT3d3VXRUeTZjQUI1blBNRWx2UC9rZVNxcWs2Uk5CRlBCeVk5TGVCQ21tK2NYQUwwTUlmOVZPOE04Q0VaRWNTY0kzTmlDYjFkMGlNcERuK08zUE9OcnFCd3ZMQnB1VUFEblRoWUM1ND18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2d54603fd4481951f3e4ccb362f9e6d97a65e2516cf2b68ce8ca771b3bc9dda2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2291947
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=dxOEa3w4Y01QVHlqRWZjM2laNXIwc1kyeFViaUNOclRoV214T1h3d1h2L0U3NWRPaDBVU1VnZFJqODBTaHY4ODh4RmtSRFV1TDZ1dHNBalRtRjAyM2VSMCsvMHlPSUQwK1lWRFNNbm5rQ0tjTUhFeFMvWmpVQjJJQUdBbkp3TGMxY0VTMmtnSjFXTVQvZzZiMzdnSFZsT1lSYWM1S2hPb1N4SEprSGwxUitsaEpHUzZndVNPbXVOS1M2YWNvUnhzV1Rwdk1XS0dlT3d3VXRUeTZjQUI1blBNRWx2UC9rZVNxcWs2Uk5CRlBCeVk5TGVCQ21tK2NYQUwwTUlmOVZPOE04Q0VaRWNTY0kzTmlDYjFkMGlNcERuK08zUE9OcnFCd3ZMQnB1VUFEblRoWUM1ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
658758
content-length
0
expires
0
ads.js
ad.holmesmind.com/adserver/ Frame 05A5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=572&o=1&d=1&b=2&ts=1&ii=2&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0cd39e6f26b52b1f624ef0ba9af33d1462d3ea7fae567340a1bff76cb0a77d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 05A5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
age
1
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2773
x-amz-cf-id
G4NMZI0ztq1nF_ELwgOtMArHWkFLYVoqHVgwuTBnbxlV595MuJoyvw==
publishertag.js
static.criteo.net/js/ld/ Frame 05A5 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 00:22:12 GMT
server
nginx
etag
W/"63041db4-1ddab"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:37 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 05A5 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
age
1
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:36 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2443
x-amz-cf-id
raJvdKr9KAroPpIOv2wS5UNEyXv9GSLs_7pTLkUbmi8seoiB3hOrHQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 05A5 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
age
44
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4530
x-amz-cf-id
u0bfXQfdg-1KZI1Nz_4KXcvIwNc5hsvGAQ5uA01jVEGOu7big_O4sg==
appierV2.js
cdn.holmesmind.com/js/ Frame 05A5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
age
1
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
3177
x-amz-cf-id
RZ28sgPkisbysa3bjPoJuRSxEkVD3_z-QoX58jML-RDfkp5X7DQDaw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 05A5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 15 Oct 2021 07:41:44 GMT
server
AmazonS3
age
55
etag
"adc35fd9401ac04bdb2a47c466e46174"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2568
x-amz-cf-id
Zj7LevXZIPjazCSIM63HhM2puhowkIsYtwVmsXFUPheM4J44zw4NDg==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 05A5 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 05A5 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3002208876768604
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a4379075b3fa8d6eba5f4dfff40696c76d80fd61349989b693d42c1e761f14d3

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1379
bid
ad2.apx.appier.net/v1/prebid/ Frame 05A5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 05A5
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=0Z3p9ENoDQqH1snX2LIXYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
syncframe
gum.criteo.com/ Frame 114A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
server-processing-duration-in-ticks
1286898
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 05A5 		177 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=128&profileId=184&bundle=wzecsV9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbG9RaUR4OVRVa0JiZno4ZGdtb3pqb0tURTJlSXJ4ajRPdzZ5clVqVGxiYjlJQ09NTHVQZCUyRktHNU9aNFVyNGYweW9qcU1veXNsODZ5QTdUZ3NCcGNjTjAlMkZLd1dPdmQ3RFFqMlJFbVlWUkl4aSUyRlFkVjFWQWVKcmFYTmpRJTJGNENUSEd3JTNEJTNE&cb=48320646356
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
dd0e6105830807eed3fa90db33dd79bb436b03ef5cfe148eda8a19eaa0d7f930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
162
/
t.ssp.hinet.net/ Frame B6E4 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bc71a05215f54a1bb4a16508fb84ed84e31a97f7ac0a4fbf49ba9d023131f3c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
events
bidder.criteo.com/csm/ Frame 05A5 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 06 Sep 2022 20:51:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
sid
mug.criteo.com/ Frame 114A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=wzecsV9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbG9RaUR4OVRVa0JiZno4ZGdtb3pqb0tURTJlSXJ4ajRPdz...
  • https://mug.criteo.com/sid?cpp=290DDnxkM2pMNGNBMElGc0NjUkZ0alhXRE5KNUxrYURoNDBiclZ0dzBkNzRkVm5FUmFCS1IxM3BCSWdZOUM5OElZZ1N5MmF2Z0xjc2trZjdwbjdOVXl4VVNwSW82b1pCdUx0YnFybmZiVzcwWnNqRkhGYXBoSmJqU1dWby...
436 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=290DDnxkM2pMNGNBMElGc0NjUkZ0alhXRE5KNUxrYURoNDBiclZ0dzBkNzRkVm5FUmFCS1IxM3BCSWdZOUM5OElZZ1N5MmF2Z0xjc2trZjdwbjdOVXl4VVNwSW82b1pCdUx0YnFybmZiVzcwWnNqRkhGYXBoSmJqU1dWbyt0bFN4YWwza01NUmEwdGdUcEMwT0MxTW9jdjFINVl1c1BZZUE4c2xmazVQeFlsOUozeVJVb0ZuNkxuM2x0c1dyU0p4RURpVkFDM28yWWVKQ2FhTXRWOFpxYU44OGhMSzBEOUxWdlozdXJvV0MwZnRtMGt5OW01elJBdTRCekN4L1RhNkNTbHpjaU1FMGpGVVZmMlpWVmY1dVo0Q3EyTXloQ29oMkEzV0syUUNycGlBUGtDaz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a70ddba11bf36ff0f38237fb467dad12bbc3bd8f6d8472a75ad93d630e751b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6847446
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=290DDnxkM2pMNGNBMElGc0NjUkZ0alhXRE5KNUxrYURoNDBiclZ0dzBkNzRkVm5FUmFCS1IxM3BCSWdZOUM5OElZZ1N5MmF2Z0xjc2trZjdwbjdOVXl4VVNwSW82b1pCdUx0YnFybmZiVzcwWnNqRkhGYXBoSmJqU1dWbyt0bFN4YWwza01NUmEwdGdUcEMwT0MxTW9jdjFINVl1c1BZZUE4c2xmazVQeFlsOUozeVJVb0ZuNkxuM2x0c1dyU0p4RURpVkFDM28yWWVKQ2FhTXRWOFpxYU44OGhMSzBEOUxWdlozdXJvV0MwZnRtMGt5OW01elJBdTRCekN4L1RhNkNTbHpjaU1FMGpGVVZmMlpWVmY1dVo0Q3EyTXloQ29oMkEzV0syUUNycGlBUGtDaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
756774
content-length
0
expires
0
emome2
t.ssp.hinet.net/ Frame 4DFE 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
emome2
t.ssp.hinet.net/ Frame 9F04 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
landing.php
fp.holmesmind.com/ Frame EB35 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&CFFPCKUUID=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 05A5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Tue, 06 Sep 2022 21:01:37 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 9E64 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Sep 2022 20:51:37 GMT
syncframe
gum.criteo.com/ Frame D422 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
server-processing-duration-in-ticks
1638916
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
drawV2.js
cdn.holmesmind.com/js/ Frame 05A5 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=572&o=1&d=1&b=2&ts=1&ii=2&FPCK=2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
51
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 06 Sep 2022 20:51:35 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
auZu0G3Sv5WmP0k7bZReeGv-C7KN1HzK2opDLImA-YtIycR3YN1tnw==
sid
mug.criteo.com/ Frame D422
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=2&topUrl=reurl.cc&bundle=bsqQKl9LMDhYOEhDQTlBbGNTc0d3ZmczSUlaR0dCYmRZWmVaRnZNbmROa1gxYnJlWDJmeDlRMHFh...
  • https://mug.criteo.com/sid?cpp=_ypvbHxRZlh2NFBzRG81WWF5dS8xMVB0VUxHN2pxbXEvbk94a295Q21CSVdHV0JmeVdHNVo3YTl2SjJaTVZnUHJiNGltQmFGUms1UE5UakViRGc1aENhUGtlTXpIamJYVTN4ODFkeTdHVEtXMXdIN2Q5em0veTFHSGdyVW...
435 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_ypvbHxRZlh2NFBzRG81WWF5dS8xMVB0VUxHN2pxbXEvbk94a295Q21CSVdHV0JmeVdHNVo3YTl2SjJaTVZnUHJiNGltQmFGUms1UE5UakViRGc1aENhUGtlTXpIamJYVTN4ODFkeTdHVEtXMXdIN2Q5em0veTFHSGdyVW5jb1JSQ0RZai9NVEVnWmZxTUZYUjlYUGtkTmJoTFFSK0dEdjZxMnVraUhQdkNmZy9vTm96aFdRdERKeGtCaUxKUlg2bVIwMlNBKzFJN25qTEFHaDhINXhTbnVuOTNOK2xsQ3REdFhKemR4OXhXbDFjSWRtdlNrcG1xT3JoRkk2UlhzODh6WVlOM2NleVUxYVFUTDE2Mlprdmp2dzd3TjBoMUhwb04xY3dSVWZTcnJCejFaWT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25d42eefefe5622b148f94c8c82dd297805a6b987c5a4d8e2da65f2397992753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2003285
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=_ypvbHxRZlh2NFBzRG81WWF5dS8xMVB0VUxHN2pxbXEvbk94a295Q21CSVdHV0JmeVdHNVo3YTl2SjJaTVZnUHJiNGltQmFGUms1UE5UakViRGc1aENhUGtlTXpIamJYVTN4ODFkeTdHVEtXMXdIN2Q5em0veTFHSGdyVW5jb1JSQ0RZai9NVEVnWmZxTUZYUjlYUGtkTmJoTFFSK0dEdjZxMnVraUhQdkNmZy9vTm96aFdRdERKeGtCaUxKUlg2bVIwMlNBKzFJN25qTEFHaDhINXhTbnVuOTNOK2xsQ3REdFhKemR4OXhXbDFjSWRtdlNrcG1xT3JoRkk2UlhzODh6WVlOM2NleVUxYVFUTDE2Mlprdmp2dzd3TjBoMUhwb04xY3dSVWZTcnJCejFaWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
673602
content-length
0
expires
0
chtmp.php
ccm.holmesmind.com/ Frame 3ACA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52662%26Tags%3D2200%2C2198%2C2196%2C2188%2C2199%2C2197%2C2195%2C2187
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 3ACA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52655%26Tags%3D2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
chtmp.php
ccm.holmesmind.com/ Frame 3ACA 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq%26SID%3D52661%26Tags%3D2003%2C2002
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.137.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-137-226.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cm
t.ssp.hinet.net/ Frame 4DFE 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&mp=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/ Frame 4DFE 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/pixel?bd=7c449a90-99c4-45a8-b09d-c95f3f18d280&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
pixel
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/ Frame 9F04 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/pixel?bd=7c449a90-99c4-45a8-b09d-c95f3f18d280&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 9F04 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq&mp=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3F02
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6445
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:33:49 GMT
server
cloudflare
etag
"62de556d-a924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU0beytJd2CRPdayR5fKEzuuaZfB%2B3Icvdh3%2BrXwy7ob5qp6IuR2E5M9uAItf3Ri1ZvM4KgJaO6q4dHK%2BLRb5UY%2F0ZyI5s52%2F8Tb6MY3xuIOBbu1BngfGps%2BIVvh5wwra%2BFFvC8GJNULe%2FSTcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
746a1572889f3742-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
cm
t.ssp.hinet.net/ Frame B6E4 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&mp=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/ Frame B6E4 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/pixel?bd=7c449a90-99c4-45a8-b09d-c95f3f18d280&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
ls.html
img.scupio.com/html/ Frame FAA4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
710
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:40:37 GMT
etag
W/"583295c9-4dc"
expires
Tue, 13 Sep 2022 20:39:47 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
QvOJ0e3chUc0ZjmzTJez36a3MRRIRbaZi46q3cwzVnsweHZAGoK_zg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame DA98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMjA5MDcwNDUxMzc2MzY3NTQ%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E3FD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Sep 2022 20:51:37 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Sep 2022 20:51:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame DA98 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1662497497553&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=d83de6c5e4e2de36470d20653c9f2ee9148d45af4c0c26b5042c354a3aaf2f38
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 20:51:37 GMT
uxid.aspx
rec.scupio.com/recweb/ Frame DA98
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA20220907045137636754
  • https://rec.scupio.com/recweb/uxid.aspx?id=8de4e1a2-2192-37ed-93a8-c392c0edfd46
35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=8de4e1a2-2192-37ed-93a8-c392c0edfd46
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
image/gif
Content-Length
35

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=8de4e1a2-2192-37ed-93a8-c392c0edfd46
Date
Tue, 06 Sep 2022 20:51:37 GMT
Connection
close
Content-Length
101
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame E3FD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54257
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Wed, 07 Sep 2022 11:55:54 GMT
ls.html
img.scupio.com/html/ Frame A05E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
710
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:40:37 GMT
etag
W/"583295c9-4dc"
expires
Tue, 13 Sep 2022 20:39:47 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
t8qc1_YGEGwy1WDKooFG0bTxBHqifDAqRJJQj2KtO2StjE-wjkbDLg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame F64E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMjA5MDcwNDUxMzc0MDkwNjE%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESENImUSNQix8g-pwMdwcKvEk&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 0D44
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Sep 2022 20:51:37 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 06 Sep 2022 20:51:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame F64E 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1662497497787&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 20:51:37 GMT
idsync
sync.aralego.com/ Frame F64E
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20220907045137409061
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/8de4e1a2-2192-37ed-93a8-c392c0edfd46?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Zi25OTZE2oWB3qyCg.embWUqMFt86kmaoN0HrTU-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Zi25OTZE2oWB3qyCg.embWUqMFt86kmaoN0HrTU-~A&redirect=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Tue, 06 Sep 2022 20:51:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-Zi25OTZE2oWB3qyCg.embWUqMFt86kmaoN0HrTU-~A&redirect=
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
jquery-1.7.2.min.js
code.jquery.com/ Frame F38A 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-17278"
vary
Accept-Encoding
x-hw
1662497497.dop054.fr8.t,1662497497.cds242.fr8.hn,1662497497.cds153.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
jquery-1.7.2.min.js
code.jquery.com/ Frame A71C 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:37 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-17278"
vary
Accept-Encoding
x-hw
1662497497.dop054.fr8.t,1662497497.cds242.fr8.hn,1662497497.cds153.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
khaos.jpg
token.rubiconproject.com/ Frame E3FD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
usync.js
eus.rubiconproject.com/ Frame 0D44 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54257
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Wed, 07 Sep 2022 11:55:54 GMT
ls.html
img.scupio.com/html/ Frame FFD9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1439
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:27:38 GMT
etag
W/"583295c9-4dc"
expires
Tue, 13 Sep 2022 20:27:38 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
Yok0ZgKN8t1q8H0avXeXDERnpxQIPUdvW_AXSkHQDx9Hoct_Vq7Xpg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame F38A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.11018078153807465
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b6753a62e0b50dba9eaaa92bd19154fa585fc47a1dacfcbd7bbeb7306d2fb681

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Content-Length
1789
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 86EE
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6445
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:33:49 GMT
server
cloudflare
etag
"62de556d-a924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9qa4KnhT8zfFDbiRvJpdaWtIhATD1Ky7AegRMqvLyx9lgf9L1DmnBmXI4GSr5wZRzutqARlnxFMtr%2BdyNWBZPF8sScOhioOqe0sJDJphj0acvXNBjP%2FoIwpBumhqEJrEE8kZaizedPi53eVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
746a15753d60375f-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
ls.html
img.scupio.com/html/ Frame E7BF 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1439
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 20:27:38 GMT
etag
W/"583295c9-4dc"
expires
Tue, 13 Sep 2022 20:27:38 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
lz1MYW8Y2URpfGzMiPrgMPVBppjQ3Wl7KzgPSnnsF7gsOXN2L77Wbg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame A71C 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.9085315651996326
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a00d1fc9ef0b4b77d6100090937f10c5f6092edc86be236ca26f76614d795ad5

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 20:51:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
text/javascript; charset=utf-8
Content-Length
3120
khaos.jpg
token.rubiconproject.com/ Frame 0D44 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame E3FD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif
pixel
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/ Frame 05A5 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net/pixel?bd=7c449a90-99c4-45a8-b09d-c95f3f18d280&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 05A5 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv&mp=7c449a90-99c4-45a8-b09d-c95f3f18d280
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3F02 		975 B
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WToHKjkxQGsxbISe491b4EOQtU3B3L0HZ%2BBf5dpQVkSIPXunIVL4%2FvwKL2Yqjq461%2FvrEKldVGtWEhEDbVqM8TYF46D%2BP1NQNSgNllRMdP93NU0rTlLXIuYN5xSqa4xsWHmORiqn3k0z%2FQXuMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
746a1573192a375f-MXP
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 3F02 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
da8eb35efab0bc6643deddbbbb38200db3fa4e093ad52480b457ce3263d2e67d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 3F02 		552 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FGE486v&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.11948548582932506&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
8de4e1a2-2192-37ed-93a8-c392c0edfd46
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
552
X-AdStyle
banner
X-Adtype
html
adimg.js
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame F38A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/adimg.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
22dd4b58a0e582425cec50d94841cd72155edc012b42c84576add2cd672000d5

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 08:53:43 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:49:17 GMT
server
nginx/1.12.1
age
129474
etag
W/"6315b80d-bf5"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
IRgsEIMYyyA7vjbHYGuH3ZGuU_Npv0CcylxX1ivean802OT-lfMjUg==
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
expires
Tue, 05 Sep 2023 08:53:43 GMT
CoverImage.js
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame F38A 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/CoverImage.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 08:53:19 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:49:17 GMT
server
nginx/1.12.1
age
129499
etag
W/"6315b80d-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
wc2MjV-S_gJWasd7hCnImNfYvMEqa8Hh6JqtQPLkvzM8MTBKu2uQ3g==
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
expires
Tue, 05 Sep 2023 08:53:19 GMT
75bcc73f-8e6e-4c76-b2b7-3b85a4fe1e54.jpg
img.scupio.com/dsp/ad-image/931/7/ Frame F38A 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/931/7/75bcc73f-8e6e-4c76-b2b7-3b85a4fe1e54.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f5076e83673a9dd158f53364dd014001af2705977e6200184769bce745ef43a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 17 Aug 2022 06:24:24 GMT
server
nginx/1.12.1
age
315
etag
"62fc8998-12603"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
75267
x-amz-cf-id
drjGlEV2LwsAIWoK9OeGmDggEnOFNfE-5dRrVqLck-wijasQMm5_Xw==
expires
Wed, 07 Sep 2022 02:46:23 GMT
ad469.js
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame A71C 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ad469.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
bb245a239cb23804d33118c1beadcaaf64739662cbd49e0b84caa77de1f0d75a

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 09:27:32 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:49:17 GMT
server
nginx/1.12.1
age
127446
etag
W/"6315b80d-5df5"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
C0SrLYJ7dYZK3_64RJAR69yyXHXpc-7RkY8mlxPSBk89-iz3pjt9Dg==
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
expires
Tue, 05 Sep 2023 09:27:32 GMT
CoverImage.js
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame A71C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/CoverImage.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 08:53:19 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:49:17 GMT
server
nginx/1.12.1
age
129499
etag
W/"6315b80d-54d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
15rjVm1UzGIoSC1QX-1F6mWKrkQXBCoFQIGAf7h1bHKPwl0pVECB_w==
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
expires
Tue, 05 Sep 2023 08:53:19 GMT
css2
fonts.googleapis.com/ Frame A71C 		2 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 20:51:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 20:51:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 20:51:38 GMT
css2
fonts.googleapis.com/ Frame A71C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 20:51:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 20:51:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 20:51:38 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2747 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b66c2ccaa3fe4120f86382ad2d46cde7f9cc1e002e4cd97723acc123db6461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40084
x-xss-protection
0
server
cafe
etag
1052711857637781841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 20:51:38 GMT
2c552730-f6ed-4e35-967e-75ae6e16fae6.jpg
img.scupio.com/dsp/ad-image/931/2/ Frame A71C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/931/2/2c552730-f6ed-4e35-967e-75ae6e16fae6.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
dc9c82e22cc8e4786160076e3d7a8401176b9efbfdaef587c55d443edff6eab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 22 Jun 2021 08:53:06 GMT
server
nginx/1.12.1
x-amz-cf-pop
FRA2-C1
etag
"60d1a4f2-13ba"
vary
Origin
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
content-length
5050
x-amz-cf-id
ECZJmqjXyhcPjPmsp7QoQsNAwQtLS9nILhLlTu3bnyGFSJFFydp49A==
expires
Wed, 07 Sep 2022 02:51:38 GMT
7092117.jpg
img.scupio.com/ec/x/931/250/117/ Frame A71C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/931/250/117/7092117.jpg?h=cf8c57c38b8f521500cb74c22823f71b&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
649bb51c7988e50a72ba3202a01713b60c3ca192847bc878e1505203418a207c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 15:06:13 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 14:02:01 GMT
server
nginx/1.12.1
age
20725
etag
"631752d9-22ba"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
8890
x-amz-cf-id
RoUr53jcT7TqAMYooQP2ZnMGbXFcQoy-4fdud_B6L2uSS3mI7rQNCA==
expires
Tue, 06 Sep 2022 21:06:13 GMT
6821090.jpg
img.scupio.com/ec/x/931/250/090/ Frame A71C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/931/250/090/6821090.jpg?h=7b987554f79962919c9495c7a88a8d4b&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
13e489437eb5e0a8fca4eb72a5340a380644bf3f18c90cd93c4dd10a35b0f3ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:47:50 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 13:25:39 GMT
server
nginx/1.12.1
age
14628
etag
"63174a53-1e0f"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
7695
x-amz-cf-id
yacLi6TRHM3U8FbUnjc91CKGhE1wKUu9msQJLhPMQDWBQSR2SSC8jg==
expires
Tue, 06 Sep 2022 22:47:50 GMT
7517479.jpg
img.scupio.com/ec/x/931/250/479/ Frame A71C 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/931/250/479/7517479.jpg?h=a0ea017b20e482e0ed423e1db51c9462&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
3627578c97087f0edeaef535e297ccae05a50014a95e95f12534ac9bdda47d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:35:21 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 16:00:53 GMT
server
nginx/1.12.1
age
11777
etag
"63176eb5-1dd0"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
7632
x-amz-cf-id
gBSH_cWV92p6CqOshP3XDm3QkWJKS36tKTHAV_DCwxLEGZpfApg6hg==
expires
Tue, 06 Sep 2022 23:35:21 GMT
7602274.jpg
img.scupio.com/ec/x/931/250/274/ Frame A71C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/931/250/274/7602274.jpg?h=8c3ed0e84f38c029884bec404085ac26&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d79b2fcf1a0aace74fe185f3bf58af9c0ca1dca2a5526507df2e5993a40603cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 18:06:27 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 17:25:08 GMT
server
nginx/1.12.1
age
9911
etag
"63178274-1a4f"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
6735
x-amz-cf-id
WA0mUokGY0TF3hztMtbx-RV-ju0i9xrkLDlr0fuJwQGBECnbx5nNIA==
expires
Wed, 07 Sep 2022 00:06:27 GMT
7926315.jpg
img.scupio.com/ec/x/931/250/315/ Frame A71C 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/931/250/315/7926315.jpg?h=294a6d01bc9f89b67cfc105f3f601ba6&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
8b6ab43f26780e43a94664e734a2c13f13b746e77c140ac4833fc2d8aaf0b59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 18:06:27 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 14:15:41 GMT
server
nginx/1.12.1
age
9911
etag
"6317560d-1cae"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
7342
x-amz-cf-id
PfRKHEL9_J5zG8ry8OkK3mA5rTkIuJU85MTLCuXm_s591oYvfcmG_g==
expires
Wed, 07 Sep 2022 00:06:27 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A71C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:00 GMT
x-content-type-options
nosniff
age
561998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:45:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 58AD 		714 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
746a15750d01375f-MXP
content-encoding
br
content-type
text/html
date
Tue, 06 Sep 2022 20:51:38 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOGexkpedhfLcUOGBEhyCUdLypu%2BMkOCEgWs7NK6RahcoKFU15l1uBNlvcJKEMSBOF7vxWFuJoWtSkc4P2%2BiFZSulHzMNgkPnxsnZAOlX0QmK9OQyu%2B2rbyXo1fQds3z4jzoWpROjbvaqVj0Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 3F02 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 58AD 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f00e821b1332a58e3d148edf2a39915e4a1b60f0a66b9a2b5e6a210b9cc24983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28548
x-xss-protection
0
server
sffe
etag
"1326 / 225 of 1000 / last-modified: 1662462430"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Sep 2022 20:51:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ Frame 2747 		343 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e9aba51285654b771ed54969cc04a459808c7177c9104cd7acf6fb32a099d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123679
x-xss-protection
0
server
cafe
etag
15276337378125938386
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 20:51:38 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 86EE 		975 B
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2893
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Bt%2FW9akqpXkMwtyLcNNeBRyj8CUw%2F2foDvmvEAHrNYflbds%2F8p5GOKAW9L7CfN85fmauTB25u36635TBiuEyWp%2FNDhFK7l7VKmPH2JKFawqZkLaQ%2FQxjSulPr1EexrJkcrKq%2F3Urm1FHryUmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
746a1575ce7a375f-MXP
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 86EE 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?ucfUid=8de4e1a2-2192-37ed-93a8-c392c0edfd46&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
da8eb35efab0bc6643deddbbbb38200db3fa4e093ad52480b457ce3263d2e67d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 86EE 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FGE486v&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2723884232245841&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=8de4e1a2-2192-37ed-93a8-c392c0edfd46&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
X-Width
300
X-Height
250
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-SspId
8de4e1a2-2192-37ed-93a8-c392c0edfd46
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
555
X-AdStyle
banner
X-Adtype
html
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ Frame 58AD 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Sep 2023 10:49:09 GMT
integrator.js
adservice.google.de/adsid/ Frame 58AD 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 58AD 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 58AD 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1439908549522713&correlator=94963517969052&eid=31069204%2C31061690&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662497498714&lmt=1644386353&dlt=1662497498429&idt=264&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hbxq1waeproi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=12442282.1662497499&ga_sid=1662497499&ga_hid=150111850&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bee51233f1b4d46f9d8084127f2aae3ae36cbd9cba68ce34e70a9d046aaa7129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0D7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:38 GMT
expires
Wed, 06 Sep 2023 20:51:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame CD6F 		714 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
6773
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
746a1577196e375f-MXP
content-encoding
br
content-type
text/html
date
Tue, 06 Sep 2022 20:51:38 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRohB0x3Il4vN0LldK7NwGAudaceYzChPIkFK1zGUCYnNlST14eWV%2FT%2FMtQLZFXe1eE5NEZmY06s3rdas%2FQ%2Bfv51xORlj4tPx2PqLe8xPqDfhZbZooOsDS%2BkRC5mloNyK2rO9j00JU1jGfXyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 86EE 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:38 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookie.js
partner.googleadservices.com/gampad/ Frame 2747 		212 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55854802eab625cd794ad36f7b2d44150cd9379e676f66ea5aaa76518465eb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2747 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2747 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E4AA 		98 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ca444e32f5c7231d8669cdbc0a642cea05b3db75e5fe6189385e01583e5aba3
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWo7uaFgfoCFarIOwIdbT0ARw&gqi=2rIXY6uHMemTjuwPjrOU4Ag&layout=/sadbundle/%24csp%253Der3%24/13243569959638451932/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
38719
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWo7uaFgfoCFarIOwIdbT0ARw&gqi=2rIXY6uHMemTjuwPjrOU4Ag&layout=/sadbundle/%24csp%253Der3%24/13243569959638451932/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CD6F 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f00e821b1332a58e3d148edf2a39915e4a1b60f0a66b9a2b5e6a210b9cc24983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28548
x-xss-protection
0
server
sffe
etag
"1326 / 351 of 1000 / last-modified: 1662462430"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Sep 2022 20:51:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 58AD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09231ab80770934e3bb11a071d207db2dc8b6d01e3ea524197b90c4c36396090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11270
x-xss-protection
0
pubads_impl_2022090101.js
securepubads.g.doubleclick.net/gpt/ Frame CD6F 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:49:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131916
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Sep 2023 10:49:09 GMT
integrator.js
adservice.google.de/adsid/ Frame CD6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CD6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CD6F 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2417438156392097&correlator=640879924248954&eid=31060437%2C31069332%2C44761478%2C31068920&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1662497498862&lmt=1644386353&dlt=1662497498767&idt=85&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=oeynozjy0ygz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1923637081.1662497499&ga_sid=1662497499&ga_hid=1248585679&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ca26a1ea3dd8aced926b746e1e7fba836618f72513a82ad857991f16dd8613b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8BD3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:38 GMT
expires
Wed, 06 Sep 2023 20:51:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 142F 		115 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec92c979c02376ec9a291ef5543acd565b5311b823193895a2d43ce9e5b8b960
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40090
x-xss-protection
0
server
cafe
etag
4384802228968789739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 20:51:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 58AD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD6F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4591c41a23e218c98aa5d30b44d786150e3f34d6502877c3545d2f733ce9b436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11159
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/ Frame 142F 		344 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b9c2c13a736cc4405b4bc0dedabc92edeba21888d4dc7737c050dca70a1b82b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123950
x-xss-protection
0
server
cafe
etag
8058721580288598369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 20:51:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AAA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 15:26:20 GMT
expires
Wed, 06 Sep 2023 15:26:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25FC 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6762f30f0154800fb3918b9b2b85c5fb600058c6b38b1900c048cfc0738eecf3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-08fnn5ywoZUOmrV7tam9jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-08fnn5ywoZUOmrV7tam9jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
Tue, 06 Sep 2022 20:51:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD6F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:39 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 0AAA 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 25FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=1439908549522713&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C936 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 15:26:20 GMT
expires
Wed, 06 Sep 2023 15:26:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 877C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3c04d7b56d97ffd98246bf9b0a3b75bf982d9f1723ffa82cc7f495edbcc3656
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mav3YBiRVErhktTY7V4cew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-mav3YBiRVErhktTY7V4cew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
Tue, 06 Sep 2022 20:51:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc03d96af9f1e84e7720a87c54ea1000a5bd2c16b24c6da224fe72de9010cfaf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
433584
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1746
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 20:25:15 GMT
expires
Fri, 01 Sep 2023 20:25:15 GMT
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame E4AA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9663
x-xss-protection
0
server
cafe
etag
5256006603266553849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 19:58:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 877C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=2417438156392097&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame C936 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 142F 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 142F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 142F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9778 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7211e6781274b87f592ada564da109fca86c9da54e9a50ab37d0fdb6f0e22e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9433
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 581A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 04:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 07 Sep 2022 04:52:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 581A 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 04:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 07 Sep 2022 04:52:24 GMT
img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/img2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f039c920bb5417936d4737f1a45af696ffa6d11caecc45e5e1e8216568bf8e07
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32889
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/img1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40483d572e14e4690c54b8e14dd955f3f97696a48d9ded7c65d1adb8af09b17d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26810
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c7902eabb7adb7094f332a003468515faf5685a587f5c9618ac74a3ca1c0d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1135
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/txt3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edade1b328fe21499058c22e4a1771553b74499c960580e719061d5fad2ed309
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9282
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/txt2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215d586421ace57bbeb7d71662d5b934ba0920c7749b2982e1ed1d7b3522b6df
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13004
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93848152b280dd0aced8cff4b318a1fc68be484694c41ea675132c9a269bddf0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14565
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/ Frame 581A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13243569959638451932/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
830c4c982b5e5e5fcc39f267c7cf289c3e1bc664bf9f591d5be39ad09528e5b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
433584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2101
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 18:57:28 GMT
server
sffe
date
Thu, 01 Sep 2022 20:25:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Sep 2023 20:25:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5767 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 20:39:20 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame E4AA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:08:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame E4AA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:36:24 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame E4AA 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPWo7uaFgfoCFarIOwIdbT0ARw&gqi=2rIXY6uHMemTjuwPjrOU4Ag&layout=/sadbundle/%24csp%253Der3%24/13243569959638451932/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0AAA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qUrgkg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
l
www.google.com/ads/measurement/ Frame E4AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIF0KFFUzs-T12dVICgLozT9iogjk_sINxtFnIaSwxFT48Ija7nora-sX5MdC_GXxZPstagV2CI8K_V8JPrD2LTnwMKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E4AA 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:39 GMT
truncated
/ Frame E4AA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adb8a7a253940fb66d417f28392bd7d0c7e15f30de603ad4756e7acd2fd6b0b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5767
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
Tue, 06 Sep 2022 20:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 581A 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
generate_204
tpc.googlesyndication.com/ Frame C936 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YdUH6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Sep 2022 20:51:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
301819
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 820D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=qOu50HwrbElHRkwzNEsyeDluUU85R3dGK3N0SUJJUmRQTGN0S1RVZm5qeFA1WTFYVWI4eTFERkVnR1J3UGl3aVRHSFB2b0VuRy9CbWtUanhQVUJ5TUhWc0RZWVQxRjRiYmhNb1hEUFpRS1cwS2NydmovaWZhWE1GdEFFOU...
412 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qOu50HwrbElHRkwzNEsyeDluUU85R3dGK3N0SUJJUmRQTGN0S1RVZm5qeFA1WTFYVWI4eTFERkVnR1J3UGl3aVRHSFB2b0VuRy9CbWtUanhQVUJ5TUhWc0RZWVQxRjRiYmhNb1hEUFpRS1cwS2NydmovaWZhWE1GdEFFOUpkS0tVVit1MWt2WGRrWkpxWnRXQk9Vams0VFJHQ0VpdC80OTZpQUh0VURsSXo4cUhNcjlSMW15OVdIcDJxUERkOVJ0NnNPZlR1eFd2SEZxQjZnQkpCa1BHWklZcElWQlJPdTUyY1UxNjkxUnVmaEVlM0g1bi9HWmkyMkFEMzhCcFNnbzAzR2xyYzF0K0VwVDZQSEJOM3dlZnI0a3NIZDg2eVRoNCtzWktRZVJ2cDUwOTI3dz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0d4d0fad25b7914bce391d84e3980c5e2c918c14faed6b89f3506d0dc8a1547b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1585430
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:38 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qOu50HwrbElHRkwzNEsyeDluUU85R3dGK3N0SUJJUmRQTGN0S1RVZm5qeFA1WTFYVWI4eTFERkVnR1J3UGl3aVRHSFB2b0VuRy9CbWtUanhQVUJ5TUhWc0RZWVQxRjRiYmhNb1hEUFpRS1cwS2NydmovaWZhWE1GdEFFOUpkS0tVVit1MWt2WGRrWkpxWnRXQk9Vams0VFJHQ0VpdC80OTZpQUh0VURsSXo4cUhNcjlSMW15OVdIcDJxUERkOVJ0NnNPZlR1eFd2SEZxQjZnQkpCa1BHWklZcElWQlJPdTUyY1UxNjkxUnVmaEVlM0g1bi9HWmkyMkFEMzhCcFNnbzAzR2xyYzF0K0VwVDZQSEJOM3dlZnI0a3NIZDg2eVRoNCtzWktRZVJ2cDUwOTI3dz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
652248
content-length
0
expires
0
cm
c.holmesmind.com/ Frame 820D 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame 820D 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2747 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220901&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87422baa4d8decfa5c93fdfa9c7ecc6888e75984f37d3aae68ba867fd52dc0fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11104
x-xss-protection
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=qOu50HwrbElHRkwzNEsyeDluUU85R3dGK3N0SUJJUmRQTGN0S1RVZm5qeFA1WTFYVWI4eTFERkVnR1J3UGl3aVRHSFB2b0VuRy9CbWtUanhQVUJ5TUhWc0RZWVQxRjRiYmhNb1hEUFpRS1cwS2NydmovaWZhWE1GdEFFOUpkS0tVVit1MWt2WGRrWkpxWnRXQk9Vams0VFJHQ0VpdC80OTZpQUh0VURsSXo4cUhNcjlSMW15OVdIcDJxUERkOVJ0NnNPZlR1eFd2SEZxQjZnQkpCa1BHWklZcElWQlJPdTUyY1UxNjkxUnVmaEVlM0g1bi9HWmkyMkFEMzhCcFNnbzAzR2xyYzF0K0VwVDZQSEJOM3dlZnI0a3NIZDg2eVRoNCtzWktRZVJ2cDUwOTI3dz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
399020
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9778 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6a_7h_ybFTueclTmwNH32dGzJpKfAmdX7cX-X5G_q5jTVry4NcwGgm6ngC60a-qcupOzKuY_DqUrAj0b_CUyIF7uAlCT_0ScisIvCH0HMFs3nxb4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 9778 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:08:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 9778 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:36:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7602
x-xss-protection
0
server
cafe
etag
8484125879011292595
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:36:24 GMT
l
www.google.com/ads/measurement/ Frame 9778 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcujeFl8exrnyN7EDBKnvBJB5bfgU-pS0AIWYHtjGM4OiGVpB12QpXDVs13Oir6a2dCbrc7SQNDxB1Zbo_GRGnIGOEMg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9778 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:39 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 85CD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9778 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHT6nYqatiWaQiFU6P5M3dhbbMQItVaDbEoAL74ifeNgantrJ2A2J6PK3pYcjhgZK7eXD7PvzRofEmOdicqmKajjmOg&cry=1&dbm_d=AKAmf-BON4gSu3piwHiCnb2U7gXeY092WazDoR9klZzRdEw0JyDrvOSBUF6S3FtJsrCYXzvZ0FjXWWZ5SBLMqHqjFOUgcpoM_iUZdq75USfTX_ZXsx9S5jERF1OKfRMuFgRgyP6O1QMZuVZUE-wvskfPDr6wk_5xgNEGFPX8THc2Rl_0WYw5i2dtO3-jN5ZBId3dc1EASn-TBd8aDXGrig3AQcJQ9wNh0Y5uuz-NHEf0u6HI_ijhQfWGymKfwt6JNRTFsfGxvzfs3-Xvt9zSH38y0RLPLrboyd8krmC02c0o-7pWIEcGeWTShQXl9ESz3PtPhUJs9yDXlH5-ZUUCzUaQda651JfDZwo0tfI71mMLbLZTn1FoCuW594V3WRsIIXudPuq5un6rhODwDvc_4L5LAnlcFzvXdpruYc8batDmEoX7EQ50eXMdiNBa_FaPjP_a-ZSPpLJQEqmalh-nsvHxh0o7ofXoNfbq4bKDOUS5wt_HPhWqQ71ar63MYCT7KCD2uj-nJBqRiIFfU3DsI4y1NxxWWKGPUEJrfeo4WPKnU5ma2rX_5RisiNtpDd2-beG6OGTE8yJvDigc2vGd8pVOfp8fqSWYyqSK5zVXDW_1hlPKBC_uEngUF08QEBKYOCbG6y5lasB2Boa1zh75LhZQbXmZ-4G4XEwsuBPIc8lRYozGkxGEDGwBQIy8Ht96TDp-0972v9hpE8lNMVt6cjQd1qUIlv1gj_M-ac5U39IY-lnJksZpFMA4Xaqod-Dmaf8NCYOJQIVvLxEpQ1TP4dglPTMgVbxzEX3oRCMxkmFDsvuRwDqGONhXVLgWyAlhP2-ySW2G45-KoenfykYIzMh6sX46CEM6Eu_D0eXai-YJH4Xe8nqDwpwhlgSixcFf6p1i5qjxG5fUxrM8g465g3hU-kCH0N6Z-szPHd9g7Hej6a7n-dVEMC0wu-aJya10ivBz9I_RlVz5PaHLYVhoJn_40V-9AMi_c40r7feO3npiSc7J-w7jNMoAaexMlTWt7vDI8sd0JXkHB33t0HfikgpNYHTCeW4JNjWbuCU1EUBl26u3wa1zb7A-st69bkj5hbxS5kdmyzqha1JKvNyyZE7qIb_YaeBuO3mgPyX-X0iKGeJqGJwyd7M_NoDVxJ_Ld-q90onATaKZrtxsCUkt3L2VOqtRtJzoVNGYS4odk6w7lxonVDTU7Gu8WScmKCGPENwg_mKqqShNCTxOLp9Viz36LpzEcNWWX3O_1AK4uL0BPtYxFSIgzWtuOQyVvp1owwUN-nR4sGTZ6-wkmxs8fNf3Z-fgdDuoCnzs51iqP-ARX4zOF6eZmuJmmShki5VQiNZhbGpK_IKvKtUEV1YfTegowGnp7nzzvdOyG0SEFXfcLWnjFfvh6fGoZIHVHiaBSYIUT-J9c3bhmWOWv3nMp-GRD-0isAJ0NbuEbO57bcrk1u3eFCivvlHhi2aw6uM6VXkRsW1n9zTom0x-STdQz70hyXGajNi3TGAveUbLoYriPskju1Ji0wg6HBDVQdwjBus0rEURPdL1-b3KvebQH2buAmHkN_kpZ1U0ni4jpa-hKez4MADxZFmJYxO_gx_io31tUYwUP1BdxxWoNmUO95oAlddBIXurRBsKv6kLO-QALkwaX1jRZo7F2g4ZYFo-DOH8x19Ygj8R3OvbWeJA87EXgEMqtMjEZhCKcby3MDJtkCGsd1KPJL0mx8SMgBLjV1Oi9FSbDspkATxeLo56tUmoMbCe-Tx3ZEePDHfpgW81DBof0N56IEQ4-P78lvHnLiICzLROuy1MUf2NvRJDoO8LjmnDGN-DHzmgugjhQSKhcOOUADBz6leoeWi_3H_Vg4x8mrepc1vutR0daHtMobjG9MFDoLsZw_FhQ2v7WeFCIKMPor1GpcMYUWx149SglgkqahBkTzRiZ_Bene0t4v1ghpT9DbBSV5RkXyIzbyCbfkUok7sxKbD_-mIgBHEj6uyOwnl30LGvIZkKUyykaf7kX-arFTBOpzsCB0FcAPmBQIUI2fvpeLc3X8ztnTRwfZ0LFzITTdlT33xu8nl6rJC1Pg2-uOsRYZIKsKi6xEmLy-JGNGP1mgphVfl8ntggofaVNOfbyl8ZQEig6SW6LBngy0E4cf-UR_ihjHuHlaFIvj67bO0oLT034PZAvWZXn9hjhpGgnMmLxGHYIWUNNqhnrtxcnTxFf1USpSNIVuNfxribaJp-aIyJY0AQs-Ps-KrOK9N-CZ8yPtOqYV4e3LYU-GMuApQ5WClgXWvXIM_ffpvjL-gIaJoSVrbRWBmVwRDjq5PyeqQFg4yM_KdX3fR52CNC_kK8m6ZIgNevA8wPyhDTLG0Be4DQCTYtxMsXEzWkAr6s8YxcYotz9A_p80aT-rjCeTFh3BABye1vOVrsKsbtZyXOiSmMHkC7II6Z9vvkr70MgAv7vLEdDZqUw3mdTZ4hR_YO6E0DxwC54NkPovhXrHnO9wCnrXdI8Azn69euPdh20w9Q8JIF9OLx7R_0Isl_0I3gXiRiMQsrn8h8-S25NOzgizHOhaY8Ny8WLVa0FwV_q4Vx9q_5jyryqbFjkaZ6D1JmZIZXDXrtHxkT4btnZxUx42T7s0YpSd_n9v1-f2YROg55S8TQfIPA0lUm_q04S12CvvqdJaJov5Lj0sw1GX6C7eU72vD-a3BKwlyJp5U6wWBmPCKPcQ8Wrj4AF22eLPAIHZv65kwLYJdWdIIkYyo2kc7hWwnu1OCguT5384RmR5CISV6fKeTRFxsbDb9dHdM5Ktbt7QrLmkoTPF5Oioi7yoBFeF_-jGyQ49bU82cXMgjxBDO98SyJmUxWlURMYrOMhrWqssrUDVrV2s9FL5IUx4o&cid=CAASJORo74aCqPI_co68wmEahVXas7FWv9tZWs7EykB2NB6T6nikew&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79ba062e591b1cd913c80a3a50b05160d227e482420425018268db6a327ee86e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34161
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2747 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9702 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 15:26:20 GMT
expires
Wed, 06 Sep 2023 15:26:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 988B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d564ee850001507f3fd0ac9ce23e4c4e5459062f095869bcbf7a65efb0f619e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kGRjG8dmeiqGunI_WWeBsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kGRjG8dmeiqGunI_WWeBsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
Tue, 06 Sep 2022 20:51:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 85CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1&C=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Protocol
H3
Server
104.18.18.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
746a157cfcffbb83-FRA
pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vlh%2BmNZTVheOscXcyPQoJJlJ%2FYjkzBzCRIWQslAlT95N%2B%2FQTZvoaGUzRzwl%2Fz7hw1cXZRq7PnXs%2FJTxrQIPJuCxprwQY7djKVtB4bL5PQZVbudm8i09sSUVx9vzzjs36YWnKhKP%2BjCWqJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFt%2F0FEFlXJSumvSDe%2FKmhQNuuDD4WO1vgus2bJn31Eb8Aaywi6WlTrHb683GvNP9SHK5obRd2iypgw7UJux8IQ%2Bay33gq0KTuThSomeGTf8lfUIIQ00xQcIAgRBBB2Lyn420ilsOsZ6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1&C=1
cache-control
no-cache
cf-ray
746a157c9c239b4b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 85CD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxey29Ntd9GLIEshl8lTfgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Protocol
H3
Server
104.18.18.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
746a157d7dcfbb83-FRA
pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BCRTAmcqFNWD9EPJyZ58241KxGUyMqi1CwTXDk9NHvmxocS7f9SZKLke9iXJ8YDaWnUSwFocdCpv9cg17hGqVEMG7dTUIxucCt75k8G206hvlImbLCeRImT5zrjjZ3Xxd6zkLHsSlBBbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJJOykNvsSWsLBrmEqmcM_8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 85CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDzRCQG992ZctmbfGBu3zCc&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDzRCQG992ZctmbfGBu3zCc%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDzRCQG992ZctmbfGBu3zCc%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Protocol
HTTP/1.1
Server
185.89.210.46 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 20:51:39 GMT
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
57b544be-c473-407f-b840-241f54074a0e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 20:51:39 GMT
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
146ded92-a938-4ab2-91d6-7a133b439c50
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDzRCQG992ZctmbfGBu3zCc%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3ODc1Njg5NTk3NDIwMDIzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3ODc1Njg5NTk3NDIwMDIzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNW1dMMqC-wgd3OzfRW2c9KR_GnUhsnL2-OO8hcYGXux89HoA4V2hAY-y-H7oXpVEbBYcQRiKyXbiUJ5fy1feNPe4d31fomOl5sDToisYKjWgMa_ZV8uv4JYaU-JriB4a5RAa96gy68uuPSzsIixVqSpYsJIGJEaCdwYu_pcbzVVtv3LcPI
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 20:51:39 GMT
X-Proxy-Origin
217.64.151.31; 217.64.151.31; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a72c4bb3-5fd8-47fd-ac6a-d2331405819a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3ODc1Njg5NTk3NDIwMDIzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9778 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 9778 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHT6nYqatiWaQiFU6P5M3dhbbMQItVaDbEoAL74ifeNgantrJ2A2J6PK3pYcjhgZK7eXD7PvzRofEmOdicqmKajjmOg&cry=1&dbm_d=AKAmf-BON4gSu3piwHiCnb2U7gXeY092WazDoR9klZzRdEw0JyDrvOSBUF6S3FtJsrCYXzvZ0FjXWWZ5SBLMqHqjFOUgcpoM_iUZdq75USfTX_ZXsx9S5jERF1OKfRMuFgRgyP6O1QMZuVZUE-wvskfPDr6wk_5xgNEGFPX8THc2Rl_0WYw5i2dtO3-jN5ZBId3dc1EASn-TBd8aDXGrig3AQcJQ9wNh0Y5uuz-NHEf0u6HI_ijhQfWGymKfwt6JNRTFsfGxvzfs3-Xvt9zSH38y0RLPLrboyd8krmC02c0o-7pWIEcGeWTShQXl9ESz3PtPhUJs9yDXlH5-ZUUCzUaQda651JfDZwo0tfI71mMLbLZTn1FoCuW594V3WRsIIXudPuq5un6rhODwDvc_4L5LAnlcFzvXdpruYc8batDmEoX7EQ50eXMdiNBa_FaPjP_a-ZSPpLJQEqmalh-nsvHxh0o7ofXoNfbq4bKDOUS5wt_HPhWqQ71ar63MYCT7KCD2uj-nJBqRiIFfU3DsI4y1NxxWWKGPUEJrfeo4WPKnU5ma2rX_5RisiNtpDd2-beG6OGTE8yJvDigc2vGd8pVOfp8fqSWYyqSK5zVXDW_1hlPKBC_uEngUF08QEBKYOCbG6y5lasB2Boa1zh75LhZQbXmZ-4G4XEwsuBPIc8lRYozGkxGEDGwBQIy8Ht96TDp-0972v9hpE8lNMVt6cjQd1qUIlv1gj_M-ac5U39IY-lnJksZpFMA4Xaqod-Dmaf8NCYOJQIVvLxEpQ1TP4dglPTMgVbxzEX3oRCMxkmFDsvuRwDqGONhXVLgWyAlhP2-ySW2G45-KoenfykYIzMh6sX46CEM6Eu_D0eXai-YJH4Xe8nqDwpwhlgSixcFf6p1i5qjxG5fUxrM8g465g3hU-kCH0N6Z-szPHd9g7Hej6a7n-dVEMC0wu-aJya10ivBz9I_RlVz5PaHLYVhoJn_40V-9AMi_c40r7feO3npiSc7J-w7jNMoAaexMlTWt7vDI8sd0JXkHB33t0HfikgpNYHTCeW4JNjWbuCU1EUBl26u3wa1zb7A-st69bkj5hbxS5kdmyzqha1JKvNyyZE7qIb_YaeBuO3mgPyX-X0iKGeJqGJwyd7M_NoDVxJ_Ld-q90onATaKZrtxsCUkt3L2VOqtRtJzoVNGYS4odk6w7lxonVDTU7Gu8WScmKCGPENwg_mKqqShNCTxOLp9Viz36LpzEcNWWX3O_1AK4uL0BPtYxFSIgzWtuOQyVvp1owwUN-nR4sGTZ6-wkmxs8fNf3Z-fgdDuoCnzs51iqP-ARX4zOF6eZmuJmmShki5VQiNZhbGpK_IKvKtUEV1YfTegowGnp7nzzvdOyG0SEFXfcLWnjFfvh6fGoZIHVHiaBSYIUT-J9c3bhmWOWv3nMp-GRD-0isAJ0NbuEbO57bcrk1u3eFCivvlHhi2aw6uM6VXkRsW1n9zTom0x-STdQz70hyXGajNi3TGAveUbLoYriPskju1Ji0wg6HBDVQdwjBus0rEURPdL1-b3KvebQH2buAmHkN_kpZ1U0ni4jpa-hKez4MADxZFmJYxO_gx_io31tUYwUP1BdxxWoNmUO95oAlddBIXurRBsKv6kLO-QALkwaX1jRZo7F2g4ZYFo-DOH8x19Ygj8R3OvbWeJA87EXgEMqtMjEZhCKcby3MDJtkCGsd1KPJL0mx8SMgBLjV1Oi9FSbDspkATxeLo56tUmoMbCe-Tx3ZEePDHfpgW81DBof0N56IEQ4-P78lvHnLiICzLROuy1MUf2NvRJDoO8LjmnDGN-DHzmgugjhQSKhcOOUADBz6leoeWi_3H_Vg4x8mrepc1vutR0daHtMobjG9MFDoLsZw_FhQ2v7WeFCIKMPor1GpcMYUWx149SglgkqahBkTzRiZ_Bene0t4v1ghpT9DbBSV5RkXyIzbyCbfkUok7sxKbD_-mIgBHEj6uyOwnl30LGvIZkKUyykaf7kX-arFTBOpzsCB0FcAPmBQIUI2fvpeLc3X8ztnTRwfZ0LFzITTdlT33xu8nl6rJC1Pg2-uOsRYZIKsKi6xEmLy-JGNGP1mgphVfl8ntggofaVNOfbyl8ZQEig6SW6LBngy0E4cf-UR_ihjHuHlaFIvj67bO0oLT034PZAvWZXn9hjhpGgnMmLxGHYIWUNNqhnrtxcnTxFf1USpSNIVuNfxribaJp-aIyJY0AQs-Ps-KrOK9N-CZ8yPtOqYV4e3LYU-GMuApQ5WClgXWvXIM_ffpvjL-gIaJoSVrbRWBmVwRDjq5PyeqQFg4yM_KdX3fR52CNC_kK8m6ZIgNevA8wPyhDTLG0Be4DQCTYtxMsXEzWkAr6s8YxcYotz9A_p80aT-rjCeTFh3BABye1vOVrsKsbtZyXOiSmMHkC7II6Z9vvkr70MgAv7vLEdDZqUw3mdTZ4hR_YO6E0DxwC54NkPovhXrHnO9wCnrXdI8Azn69euPdh20w9Q8JIF9OLx7R_0Isl_0I3gXiRiMQsrn8h8-S25NOzgizHOhaY8Ny8WLVa0FwV_q4Vx9q_5jyryqbFjkaZ6D1JmZIZXDXrtHxkT4btnZxUx42T7s0YpSd_n9v1-f2YROg55S8TQfIPA0lUm_q04S12CvvqdJaJov5Lj0sw1GX6C7eU72vD-a3BKwlyJp5U6wWBmPCKPcQ8Wrj4AF22eLPAIHZv65kwLYJdWdIIkYyo2kc7hWwnu1OCguT5384RmR5CISV6fKeTRFxsbDb9dHdM5Ktbt7QrLmkoTPF5Oioi7yoBFeF_-jGyQ49bU82cXMgjxBDO98SyJmUxWlURMYrOMhrWqssrUDVrV2s9FL5IUx4o&cid=CAASJORo74aCqPI_co68wmEahVXas7FWv9tZWs7EykB2NB6T6nikew&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:47:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 9778 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwHT6nYqatiWaQiFU6P5M3dhbbMQItVaDbEoAL74ifeNgantrJ2A2J6PK3pYcjhgZK7eXD7PvzRofEmOdicqmKajjmOg&cry=1&dbm_d=AKAmf-BON4gSu3piwHiCnb2U7gXeY092WazDoR9klZzRdEw0JyDrvOSBUF6S3FtJsrCYXzvZ0FjXWWZ5SBLMqHqjFOUgcpoM_iUZdq75USfTX_ZXsx9S5jERF1OKfRMuFgRgyP6O1QMZuVZUE-wvskfPDr6wk_5xgNEGFPX8THc2Rl_0WYw5i2dtO3-jN5ZBId3dc1EASn-TBd8aDXGrig3AQcJQ9wNh0Y5uuz-NHEf0u6HI_ijhQfWGymKfwt6JNRTFsfGxvzfs3-Xvt9zSH38y0RLPLrboyd8krmC02c0o-7pWIEcGeWTShQXl9ESz3PtPhUJs9yDXlH5-ZUUCzUaQda651JfDZwo0tfI71mMLbLZTn1FoCuW594V3WRsIIXudPuq5un6rhODwDvc_4L5LAnlcFzvXdpruYc8batDmEoX7EQ50eXMdiNBa_FaPjP_a-ZSPpLJQEqmalh-nsvHxh0o7ofXoNfbq4bKDOUS5wt_HPhWqQ71ar63MYCT7KCD2uj-nJBqRiIFfU3DsI4y1NxxWWKGPUEJrfeo4WPKnU5ma2rX_5RisiNtpDd2-beG6OGTE8yJvDigc2vGd8pVOfp8fqSWYyqSK5zVXDW_1hlPKBC_uEngUF08QEBKYOCbG6y5lasB2Boa1zh75LhZQbXmZ-4G4XEwsuBPIc8lRYozGkxGEDGwBQIy8Ht96TDp-0972v9hpE8lNMVt6cjQd1qUIlv1gj_M-ac5U39IY-lnJksZpFMA4Xaqod-Dmaf8NCYOJQIVvLxEpQ1TP4dglPTMgVbxzEX3oRCMxkmFDsvuRwDqGONhXVLgWyAlhP2-ySW2G45-KoenfykYIzMh6sX46CEM6Eu_D0eXai-YJH4Xe8nqDwpwhlgSixcFf6p1i5qjxG5fUxrM8g465g3hU-kCH0N6Z-szPHd9g7Hej6a7n-dVEMC0wu-aJya10ivBz9I_RlVz5PaHLYVhoJn_40V-9AMi_c40r7feO3npiSc7J-w7jNMoAaexMlTWt7vDI8sd0JXkHB33t0HfikgpNYHTCeW4JNjWbuCU1EUBl26u3wa1zb7A-st69bkj5hbxS5kdmyzqha1JKvNyyZE7qIb_YaeBuO3mgPyX-X0iKGeJqGJwyd7M_NoDVxJ_Ld-q90onATaKZrtxsCUkt3L2VOqtRtJzoVNGYS4odk6w7lxonVDTU7Gu8WScmKCGPENwg_mKqqShNCTxOLp9Viz36LpzEcNWWX3O_1AK4uL0BPtYxFSIgzWtuOQyVvp1owwUN-nR4sGTZ6-wkmxs8fNf3Z-fgdDuoCnzs51iqP-ARX4zOF6eZmuJmmShki5VQiNZhbGpK_IKvKtUEV1YfTegowGnp7nzzvdOyG0SEFXfcLWnjFfvh6fGoZIHVHiaBSYIUT-J9c3bhmWOWv3nMp-GRD-0isAJ0NbuEbO57bcrk1u3eFCivvlHhi2aw6uM6VXkRsW1n9zTom0x-STdQz70hyXGajNi3TGAveUbLoYriPskju1Ji0wg6HBDVQdwjBus0rEURPdL1-b3KvebQH2buAmHkN_kpZ1U0ni4jpa-hKez4MADxZFmJYxO_gx_io31tUYwUP1BdxxWoNmUO95oAlddBIXurRBsKv6kLO-QALkwaX1jRZo7F2g4ZYFo-DOH8x19Ygj8R3OvbWeJA87EXgEMqtMjEZhCKcby3MDJtkCGsd1KPJL0mx8SMgBLjV1Oi9FSbDspkATxeLo56tUmoMbCe-Tx3ZEePDHfpgW81DBof0N56IEQ4-P78lvHnLiICzLROuy1MUf2NvRJDoO8LjmnDGN-DHzmgugjhQSKhcOOUADBz6leoeWi_3H_Vg4x8mrepc1vutR0daHtMobjG9MFDoLsZw_FhQ2v7WeFCIKMPor1GpcMYUWx149SglgkqahBkTzRiZ_Bene0t4v1ghpT9DbBSV5RkXyIzbyCbfkUok7sxKbD_-mIgBHEj6uyOwnl30LGvIZkKUyykaf7kX-arFTBOpzsCB0FcAPmBQIUI2fvpeLc3X8ztnTRwfZ0LFzITTdlT33xu8nl6rJC1Pg2-uOsRYZIKsKi6xEmLy-JGNGP1mgphVfl8ntggofaVNOfbyl8ZQEig6SW6LBngy0E4cf-UR_ihjHuHlaFIvj67bO0oLT034PZAvWZXn9hjhpGgnMmLxGHYIWUNNqhnrtxcnTxFf1USpSNIVuNfxribaJp-aIyJY0AQs-Ps-KrOK9N-CZ8yPtOqYV4e3LYU-GMuApQ5WClgXWvXIM_ffpvjL-gIaJoSVrbRWBmVwRDjq5PyeqQFg4yM_KdX3fR52CNC_kK8m6ZIgNevA8wPyhDTLG0Be4DQCTYtxMsXEzWkAr6s8YxcYotz9A_p80aT-rjCeTFh3BABye1vOVrsKsbtZyXOiSmMHkC7II6Z9vvkr70MgAv7vLEdDZqUw3mdTZ4hR_YO6E0DxwC54NkPovhXrHnO9wCnrXdI8Azn69euPdh20w9Q8JIF9OLx7R_0Isl_0I3gXiRiMQsrn8h8-S25NOzgizHOhaY8Ny8WLVa0FwV_q4Vx9q_5jyryqbFjkaZ6D1JmZIZXDXrtHxkT4btnZxUx42T7s0YpSd_n9v1-f2YROg55S8TQfIPA0lUm_q04S12CvvqdJaJov5Lj0sw1GX6C7eU72vD-a3BKwlyJp5U6wWBmPCKPcQ8Wrj4AF22eLPAIHZv65kwLYJdWdIIkYyo2kc7hWwnu1OCguT5384RmR5CISV6fKeTRFxsbDb9dHdM5Ktbt7QrLmkoTPF5Oioi7yoBFeF_-jGyQ49bU82cXMgjxBDO98SyJmUxWlURMYrOMhrWqssrUDVrV2s9FL5IUx4o&cid=CAASJORo74aCqPI_co68wmEahVXas7FWv9tZWs7EykB2NB6T6nikew&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11802
x-xss-protection
0
server
cafe
etag
16304758110791105277
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:46:26 GMT
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 9702 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 988B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220901&jk=4417266648250826&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9778 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
392442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 047C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Wed, 07 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9778 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af8c6136595007e680cd30c53c0ae4c8084809e459ddab035f56b8f3a9525922

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame 9E64
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yCOFN3xtWkhzaVNaa2Z1QnBLSDh6YVU5SFZOdnZkc1hmemYxbngyVTdydjVFTEN3QjdKUjVBNVBVU0dGWHV0akFvSFZUaUlKcjA0MVpEOG1PTzhaNWtXcmc3VWxHSzlWRjdCczc0M0lHOXlWTU9uWDBOWTh3Y21lKzlZeV...
417 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yCOFN3xtWkhzaVNaa2Z1QnBLSDh6YVU5SFZOdnZkc1hmemYxbngyVTdydjVFTEN3QjdKUjVBNVBVU0dGWHV0akFvSFZUaUlKcjA0MVpEOG1PTzhaNWtXcmc3VWxHSzlWRjdCczc0M0lHOXlWTU9uWDBOWTh3Y21lKzlZeVBlOW92NFdxSVlWK1phZTdjM2RFNEEyeEVndDVPdEtBNFZaSGxkenoxbE5idjVQZ3VDTzRvRFo5d0p5OGRtaVREZEFMclJ0OGF1Q1pPQ0t3eXpFSzJrTGJUMktUZG1ZeVVBVmMvOTVCN0xEeXZiNWpLVEtYcTFUSXRNMWoxVUJteUhBUGlTSUJKckk1VXZJdUFLK0dvZEdjTGRvSm8zTklqdjNYL3p3a0E5Z0IwU2NXZWI0Yz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d3625003d30ae778418ada878092b90ca4be5918f00c6fe5825bf8a34d787cc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1665195
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:38 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yCOFN3xtWkhzaVNaa2Z1QnBLSDh6YVU5SFZOdnZkc1hmemYxbngyVTdydjVFTEN3QjdKUjVBNVBVU0dGWHV0akFvSFZUaUlKcjA0MVpEOG1PTzhaNWtXcmc3VWxHSzlWRjdCczc0M0lHOXlWTU9uWDBOWTh3Y21lKzlZeVBlOW92NFdxSVlWK1phZTdjM2RFNEEyeEVndDVPdEtBNFZaSGxkenoxbE5idjVQZ3VDTzRvRFo5d0p5OGRtaVREZEFMclJ0OGF1Q1pPQ0t3eXpFSzJrTGJUMktUZG1ZeVVBVmMvOTVCN0xEeXZiNWpLVEtYcTFUSXRNMWoxVUJteUhBUGlTSUJKckk1VXZJdUFLK0dvZEdjTGRvSm8zTklqdjNYL3p3a0E5Z0IwU2NXZWI0Yz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
472866
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
392625
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
idSync
sync.aralego.com/ Frame 9E64 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 20:51:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 9E64 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 83D8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
392442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Sep 2022 07:50:57 GMT
expires
Sat, 02 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 047C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVQ4TUl4eE8xT3ZGeE41&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVQ4TUl4eE8xT3ZGeE41&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV58rxq1rEZ2DMjrQKC-NBuZxXATGmEcrnK181EZHJi2UvOw5MJl1Js2A
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 20:51:39 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVQ4TUl4eE8xT3ZGeE41&google_gid=CAESEM8C6dgXmcEB9PkzSpAbZe8&google_cver=1&google_push=AehlK4B6qIJyUUAnELk7nLoyiWJtRztiCCH74W9EDrnUOlV58rxq1rEZ2DMjrQKC-NBuZxXATGmEcrnK181EZHJi2UvOw5MJl1Js2A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 047C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEOtgHUO_xDnJrPdkA_C5PQ&google_push=AehlK4BeZ6dc_iSvfURNVkt2gLAEPYQhi7EfAP0aTlFBTrC19-tP9yIESZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEOtgHUO_xDnJrPdkA_C5PQ&google_push=AehlK4BeZ6dc_iSvfURNVkt2gLAEPYQhi7EfAP0aTlFBTrC19-tP9yIESZdKo8lYy-_LqeZO8_B7Rxusf6Yz_cNfaKo3nwanibPXaQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1662497500.699454,VS0,VE89
x-served-by
cache-hhn4022-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEOtgHUO_xDnJrPdkA_C5PQ&google_push=AehlK4BeZ6dc_iSvfURNVkt2gLAEPYQhi7EfAP0aTlFBTrC19-tP9yIESZdKo8lYy-_LqeZO8_B7Rxusf6Yz_cNfaKo3nwanibPXaQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 047C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAi8bopQFy3dsBF0E5X0arU&google_cver=1&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFL...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAi8bopQFy3dsBF0E5X0arU&google_cver=1&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdw...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4252b6eb-3095-401e-91d9-5c741c054eaa&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT&google_hm=VL65KmVmQrGUKKpOZsCvDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT&google_hm=VL65KmVmQrGUKKpOZsCvDg==
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4AtGSIk-c3Opgi93oAcRjUoZqZTzOfVwhDo2svANsELxYXTTrsxTp2EfuWP9bUh2Qkg0i3q4RBWVxhLdwaCvBFLf1hfKWdT&google_hm=VL65KmVmQrGUKKpOZsCvDg==
Date
Tue, 06 Sep 2022 20:51:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
gg_pixel
sync.adaptv.advertising.com/ Frame 047C 		0
0
pixel
cm.g.doubleclick.net/ Frame 047C
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEIsbyo4b52uu9GdWFGER7ro&google_cver=1&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cg...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIsbyo4b52uu9GdWFGER7ro&google_cver=1&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlm...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oKT-yjiGT2yO0C9SERVApg&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oKT-yjiGT2yO0C9SERVApg&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cgu8PYuw3A
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=oKT-yjiGT2yO0C9SERVApg&google_push=AehlK4BU-k_ADVRernfoHzW6yG6s3VUJdVAjJ4VlrJPgc6GmSQ3BGKbK1tMtVhlnQJuIbj2pwxKN3EpnCviDqtlmqBK_cgu8PYuw3A
date
Tue, 06 Sep 2022 20:51:40 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 047C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-66ff9461-a101-4ec0-88d6-632e8dd510e1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AU0sAOe19YTmG8Khx8l...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&google_hm=A2b_lGGhAU7AiNZjLo3VEOE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&google_hm=A2b_lGGhAU7AiNZjLo3VEOE
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AU0sAOe19YTmG8Khx8lpmxwlP01M2OZf1AFnHm_h-lhgOBiMf-GyyuuntIZQ6j7ENsKHfDLq8V7AEQwa5xOIbIZ8iQZWgMxA&google_hm=A2b_lGGhAU7AiNZjLo3VEOE
date
Tue, 06 Sep 2022 20:51:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX66ff9461a1014ec088d6632e8dd510e1003
content-type
text/html
/
onetag-sys.com/match/ Frame 047C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPanpw9HiP6PWnSbFjKkNAg&google_cver=1&google_push=AehlK4C2T9aOwf65yfDDYeseaUG0YmLeCWuJRiE1KdWWHv7fV7vRZKcBZXw9Ohd23XI4zInmPFquDgSryyA...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4C2T9aOwf65yfDDYeseaUG0YmLeCWuJRiE1KdWWHv7fV7vRZKcBZXw9Ohd23XI4zInmPFquDgSryyAOHqHrgyocjFICstdxMFI
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H2
Server
51.89.9.253 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 047C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlEjHcCk3Jtrbj9L4ImoUXAjZmBUuJzCrSIy9TCnxOWBgtTMSD9JFjHjOUWRTpgEUikaA5rA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1662497499&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498970&bpp=13&bdt=459&idt=181&shv=r20220901&mjsv=m202208310101&ptt=5&saldr=sa&cookie=ID%3D4a154e35509040fe-22e9721915ce000d%3AT%3D1662497498%3ART%3D1662497498%3AS%3DALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg&correlator=7378697288917&frm=23&ife=1&pv=1&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=434354673&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1089055806&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069329%2C31068920&oid=2&pvsid=610479110487878&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.jy83z8aecayn&fsb=1&dtd=193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/11265002931640406990/ Frame DD31 		35 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
36dca21cf18cf318853921fc7bbab0e2bd6d3a7d0f4fcd8b002cb6e91b32087f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25251
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5573
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 13:50:48 GMT
expires
Wed, 06 Sep 2023 13:50:48 GMT
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9778 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhVqG8pFP4R9RhVhUpsvCWJz51m4ZqyhXFYU2dNpckdAqwsU-VqJsg4BxlmHOQ1Ou1q_dtzHmtVoAhqM37oSkOeVsVVNqHKq23GNftM30-EpKbDMqivjE9Y1cPMc0Bco8AYoHi_bjSLbPKxwn_z_QgfWGyQ3KabcIuVAC1w7Kxpcy95DmBYyt15LRi3VLfT04wk62F1O8sHOYPkTOybriz26S_wg24w3-4zokPXCkxJT7iRcynJBoQzrM0tCEnMk6uHXaCWbdNoBkm9f4jcvztxQYpExv3lKfO3RTA3b12tYP70GO2oaSYc4svhIxb_PXLojGzN6yp7_C9YYZgh8q3_vlOHiJTJ8DusdZaHNofXuuSMC5dhBOsSAArHLutLpbT1peY5zU5G5-ZswTPcLbGAlmDCPiaGjdOx147f5IsW_kYlp1DOPPbUCS4ldCVVCmNGC2IVfMWt6-mfSHY0TGlR9elnBxvjhnjueFOkOrihWA_KseXt6eLG2QpL1lNcesnMeXUUVi3Os_vgnTtJ6Tk4-7EtKs3WmyFP7WJtzBOb_NaA1_cdEF8Nc-0UMqIjb6o3ntXYRkFA1TWxYnE_-ZEb3JbkvXvfJxYQRqXEdvoNNhSLMon66z1Y4tgjMnEcOHVgT-VkpXORdBGEQVj0yXuMHt9u08DweGlWN3dEOn6rZ5A__lNXrpExPWO51InXypYw5JZDiAzUYp4t33Ytdv2jj9iksXGF60_N5R2R--iMTMZbl_UEF0gq964nodQCBZowA1DZUVWxM9ngLG5eoCz1ZXBHQZnYFO2F0mhlW2OalqaiUJBANkb_KOmm3e1HjbPt5oqxpMphAEc7kyFFk31ZPeZtNiwYzi73JPdOlcK1EkZNJWRAkuvK-SZpLsVGriWNnVkcu92CTu65rUzmOSwOiAZwxB1edru-lXal6hI2Vf9gTmQ-jPiq_f1voRo38-BiZYpJhh9Jr-KdG82LZF2zjtQq-_SqfyjLg4_qcilnB4j_O9at6T11QsoTZYNCEEfApfX1IxYRF3IEbvjt6kpgPlLzKQwpgvoomrxmVpx35a0VGdaPUydrESqPnLn63o6R7ni-q1s9CvIx9JlfRhuPLhiLIdaSg4U7Th5MbwUZvddd6a6aUV6WHS0XfEuumjD99dtCNCd9Awtb6K0&sai=AMfl-YQgQttkYcHV5KrRSQubmoLahKc9fCjRTir0UiDS1SWQ05_FNYnc6W7xfk0AG8E_Cv_07q-a8DTxhilOX0gQT0Z2te53e-xjI4osCOf85tmWO-0H6WzmoQZTDI1tltwhzndw7NO50-TVAGWWF7xHwauQKqjYtoxugM9EksFoEMRnYleIO3xliTiPWHRUzAGkB4nEWVgwQjC-0bmGPhGVk53eSuiEXBi062nnb6Qtl7ZP&sig=Cg0ArKJSzBkMdaqZzZr3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=97&cbvp=1&cstd=95&cisv=r20220901.71494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 06 Sep 2022 20:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yCOFN3xtWkhzaVNaa2Z1QnBLSDh6YVU5SFZOdnZkc1hmemYxbngyVTdydjVFTEN3QjdKUjVBNVBVU0dGWHV0akFvSFZUaUlKcjA0MVpEOG1PTzhaNWtXcmc3VWxHSzlWRjdCczc0M0lHOXlWTU9uWDBOWTh3Y21lKzlZeVBlOW92NFdxSVlWK1phZTdjM2RFNEEyeEVndDVPdEtBNFZaSGxkenoxbE5idjVQZ3VDTzRvRFo5d0p5OGRtaVREZEFMclJ0OGF1Q1pPQ0t3eXpFSzJrTGJUMktUZG1ZeVVBVmMvOTVCN0xEeXZiNWpLVEtYcTFUSXRNMWoxVUJteUhBUGlTSUJKckk1VXZJdUFLK0dvZEdjTGRvSm8zTklqdjNYL3p3a0E5Z0IwU2NXZWI0Yz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 06 Sep 2022 20:51:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
452413
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 9702 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YSgAwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 83D8 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
45d92f8f595e6f0d29129d0a9e75108b.js
s0.2mdn.net/sadbundle/11265002931640406990/ Frame DD31 		89 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/45d92f8f595e6f0d29129d0a9e75108b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25351
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
css
fonts.googleapis.com/ Frame DD31 		4 KB
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 20:48:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 20:51:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 20:51:39 GMT
d071fe7046e1d7af466c36fcf4e2c6d9.jpg
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/d071fe7046e1d7af466c36fcf4e2c6d9.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
151399565e841b5bc0abe1bdd07b7f7143183fd6300518a14edc5fe665fa48bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13219
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
a2292ba95cee61cdff2ee6d583b99808.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/a2292ba95cee61cdff2ee6d583b99808.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f733b80a77aeed329f3b0e4b38c7bdb342a367847fac6a8f9647bb48c333aa3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2101
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
d8a4848a2c6ab306e084f3f211618a69.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/d8a4848a2c6ab306e084f3f211618a69.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b03919a01615423f8881da95bc3f1f9a9f6d8330fb18c710f1dca463e18fe6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5664
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
5eded377b78fe0844535a69788efbd10.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/5eded377b78fe0844535a69788efbd10.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
28a008879e1b9e67d23125f4627ffd4c8e738d47b9820860da4f27dc8c6a037f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
aa449a535a846d6ae1cecb4a6549fb4c.png
s0.2mdn.net/sadbundle/11265002931640406990/media/ Frame DD31 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11265002931640406990/media/aa449a535a846d6ae1cecb4a6549fb4c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
17d57538011219c60aec91ff6d35c15abda9314d0f692f071843563e730c0858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11265002931640406990/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 13:50:48 GMT
x-content-type-options
nosniff
age
25251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2908
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Sep 2023 13:50:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9778 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhVqG8pFP4R9RhVhUpsvCWJz51m4ZqyhXFYU2dNpckdAqwsU-VqJsg4BxlmHOQ1Ou1q_dtzHmtVoAhqM37oSkOeVsVVNqHKq23GNftM30-EpKbDMqivjE9Y1cPMc0Bco8AYoHi_bjSLbPKxwn_z_QgfWGyQ3KabcIuVAC1w7Kxpcy95DmBYyt15LRi3VLfT04wk62F1O8sHOYPkTOybriz26S_wg24w3-4zokPXCkxJT7iRcynJBoQzrM0tCEnMk6uHXaCWbdNoBkm9f4jcvztxQYpExv3lKfO3RTA3b12tYP70GO2oaSYc4svhIxb_PXLojGzN6yp7_C9YYZgh8q3_vlOHiJTJ8DusdZaHNofXuuSMC5dhBOsSAArHLutLpbT1peY5zU5G5-ZswTPcLbGAlmDCPiaGjdOx147f5IsW_kYlp1DOPPbUCS4ldCVVCmNGC2IVfMWt6-mfSHY0TGlR9elnBxvjhnjueFOkOrihWA_KseXt6eLG2QpL1lNcesnMeXUUVi3Os_vgnTtJ6Tk4-7EtKs3WmyFP7WJtzBOb_NaA1_cdEF8Nc-0UMqIjb6o3ntXYRkFA1TWxYnE_-ZEb3JbkvXvfJxYQRqXEdvoNNhSLMon66z1Y4tgjMnEcOHVgT-VkpXORdBGEQVj0yXuMHt9u08DweGlWN3dEOn6rZ5A__lNXrpExPWO51InXypYw5JZDiAzUYp4t33Ytdv2jj9iksXGF60_N5R2R--iMTMZbl_UEF0gq964nodQCBZowA1DZUVWxM9ngLG5eoCz1ZXBHQZnYFO2F0mhlW2OalqaiUJBANkb_KOmm3e1HjbPt5oqxpMphAEc7kyFFk31ZPeZtNiwYzi73JPdOlcK1EkZNJWRAkuvK-SZpLsVGriWNnVkcu92CTu65rUzmOSwOiAZwxB1edru-lXal6hI2Vf9gTmQ-jPiq_f1voRo38-BiZYpJhh9Jr-KdG82LZF2zjtQq-_SqfyjLg4_qcilnB4j_O9at6T11QsoTZYNCEEfApfX1IxYRF3IEbvjt6kpgPlLzKQwpgvoomrxmVpx35a0VGdaPUydrESqPnLn63o6R7ni-q1s9CvIx9JlfRhuPLhiLIdaSg4U7Th5MbwUZvddd6a6aUV6WHS0XfEuumjD99dtCNCd9Awtb6K0&sai=AMfl-YQgQttkYcHV5KrRSQubmoLahKc9fCjRTir0UiDS1SWQ05_FNYnc6W7xfk0AG8E_Cv_07q-a8DTxhilOX0gQT0Z2te53e-xjI4osCOf85tmWO-0H6WzmoQZTDI1tltwhzndw7NO50-TVAGWWF7xHwauQKqjYtoxugM9EksFoEMRnYleIO3xliTiPWHRUzAGkB4nEWVgwQjC-0bmGPhGVk53eSuiEXBi062nnb6Qtl7ZP&sig=Cg0ArKJSzBkMdaqZzZr3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=263&vt=11&dtpt=166&dett=3&cstd=95&cisv=r20220901.71494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD31 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
520874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 20:10:25 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DD31 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:00 GMT
x-content-type-options
nosniff
age
561999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:45:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 142F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220901&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db087061449633412585677f7951af1ced81ddb5cc4c43f5c9575a04fec52b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11261
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bk7Yq27IXY_P7HpiN7_UPmbyP0A0AAAAAOAHgBAI&bg=!sLOls_fNAAZTikH4c4o7ACkAdvg8WvFzNqSFPWMRFRfA-gATtK2-MFFOyFOpET1JJZ4FbSDUw6Im3QIAAABaUgAAAAJoAQcKAG731300I3saHfMjr8RWkTNL5JOTgZKHRQWcRAIPV6ykKjOw7k91szlVjyoU9L_D9Es8a0Q-oFHXCdW02qhu1pQ1gwzoNBskHtzKtvCUJG6o8-ttuA5oEQP3HmSqwiBZndYFKoYq5nVsXPWgfF300pkDJha21UlAQ9G26EUiBkCW4C9aGv7XrCDg5a0KM1uoz--pyyRpicFFYnuxKeXz0X9xWH2S0e3ZP6D7l-t_yoNrBeDrWhBEQ8IhNnRZYlbFoW5pT_DW7mY_WeQIFmEsFqedohHeS-C0BK06i6-Gsj_wOZxJgaYH3YzaIFGZKAyWzyM8HnRGKVg7XgqGeOWk_SZiQEzeavgvyunVynuabP87VW8plC_MbHSfde5KMXyINdaOdATVP34RSzyh6Gyi2fG9RH2wiAOXOPVWGAsojThkYW-WRSo0sLhrNNAuggbNJaYWIlI54bUCona-pb1wMr3bpRSFRROLde5EsML7d-00Nua6gjBaMcZFo3XKcdiNTWYd-Cur4cl5iDtQLQxfviuka5a31cZS6aY15XHqzrk56xU3E950oWQraczpF_1Ptfvg86NKpXRCuTL7MA5nneWWRSbonFeK4nsWn_Nho4bXDBBo6rH2oFyxmRrVzCHzWjja49UOXcpB4yDfaowyayeXgKS-k_IGBNqMgf_T7OxNT6zD0_1GW5JxGNaXh-JbBhUF_O_60S7EiGcmVliJeQDLR7LMU8Ow_xMKM4xMq8q3kVVo5q6ypZiOhpyMJcg49RTUo9w_SqXahJjoHL30CP7q2VEr2gTvvRDd1M_HuEZkEKtt4kZ0CWnme8cKibG9shNgZ_ti5A9opE7sDs4MA0tfXO0qf-8rZ85q3m49DUrxYPSg5lV4TihR8CTJo_DXr00cKTZo6QOTQV0y-Y6cCZzaGNMDIXFlDv-5aH1Lwz8AYL52Gqf8w0rLa_hd-NJkzYSO9N5bmPYLzjuIvLJwdrhcGJ6Y38lLwlSyQ_a6OiUGOU15ATy2q70e-hwJt9_jZOpnt-NbEh76QX9wMBvX--AaDqK1WV2-HugeyJoOS8xbv-Qib9IQK9hIP16TQvF1WHsjkTWz3iUtfhnv7mBHnWC1p5XGaU7JeLiq_HbSa5lC7LqzGg4ViCBz6TB0Y_nw7n3CgP5pF6C3ZvWgn7eugkdBG23ULt6hdp6sEMzWOqppCB9gLgTUC9zt_Vw3Z95vsz1WjNnlpBvR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 58AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=1439908549522713&bg=!o6CloOTNAAZTikH4c4o7ACkAdvg8WqGxYrnllYXYap9KYosxwpCxfTP9KcvRXPAKe5Z-NjGqiE2aDQIAAADWUgAAAAJoAQcKAIe8jk4q4MzHZvz7ayrRi_dlzi6OnpSdx_cPvgcOaQLHVMal9zJaBEuvc5vklWlbnn_MKbB-blLeW-xM-DWaE8m1Msy1S9fMX76wQdHFtekBCiQyHrMEiDypfY3bzdoejJB9b5g--KBXxrcQH8_C_qQpHMZqHkEiH9GsVV870MZOxClDVr_3QWuZAvMPRkDUP0oenSnS2NiKdUEv9JzqCZNIop7Wa-mpZuDQndkHMdfW9ehocSL-gaeBFTeBzh3oNJUCF8ZAHgtGl7u5W0RWfshZtU72OuY5YAzGEiY0R7fTMAE18wwPUClTmjI2PUrFg7J3zHOQCm7VBqeXjlBfUkb2rVU8_YFi_VBqnszqlhuEj6xDE8SPJ33u87HAGoyPnfihYdulpQpGf6MGX_U5Dp7HUYgPcVRNtrNNHklKYrQQrKonqvCtOxxrL-JIsBEYD4E_-NsvzZmpCDSXXHOZAo5Qj4b1f5pn5FeMgo0kqRlGWVYii85vCSYrUihytp_HWN5M-apPaGsn8FovCaoScTDs58RuLX0nmkVaGB5fDaw3wREu2nYl_vCNkUuRfZ7YgRKCARC7Y3b2FFvvBxRVmoBzBM69CSfRubjAAh4TIowFsxPgExhdwib8TLtvQcTA6-21NLLY3KeDF1lE5YtoibYgaYpaMELtOKVymml6nX0kNZH3JV3c2JwOmF-uNI8SOQBeGU7bpufqgjL0jJjoeWg9y78bMeuO1v95VomkhfYXkF2CWHn1VLcYOWyOkuqh-hMV5zy8nfV0IVFkxaOGcNq7WgUe_ZxkB3Xo84EwnAAlE_E5eyaq8tOTLJPl1VzBJ3icJlTKyqSPF61VtqBofVIIh1KvoeqGn8T9XA-nZcYk1TT3GWFPpc91xTtg75zisArfrD_w-ZY902iAmlrI9PvQnJvz9sSCyCdmVLkh7lTizGd-EWugFDWlxz1N7hRSay4SFWpo27rQVSbW4D5fQx14ZlHBfemZOuLdpq4qK_tsHwO3gE7twiwmzDQ_sPybwN3znwSrogYwDAPv1Qf0TrL9xDmr3-lSpCfm1F2kiWdJh-jPs7u47nT1p8vIeQg0v7ymsZwVKFd-DQVq6hjSKfTTJDrRgOTWGAwsJeBPPZypTnT5GYWejjxE4SVSEGCAUDLIC6ulUYmoTFwJU65S3K39t_ZV2l0PL51BjgnPnQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CD6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=2417438156392097&bg=!d3SldDDNAAZTikH4c4o7ACkAdvg8Wir6Y0mi975JoEZgWZXIESiT0nQ3pUEIS9bLTlJYuldytgCORQIAAACEUgAAAAJoAQcKAHei5wFH9GB2Ewl8LazPonTWRMtplh2raSgQDmUzhuvM6o7XJgc19ONZeYFsdl0ytn31Qi7fCRp66aIayvjlg1QKZdL1ZyybxR8eQlLRT93XyNwSjUFUwgXtIcQBkHR01HuyYkkKI7OKRbLJGIxUsNDN0V4omLlo0pkDBzHGfUW_Lw7nFFFT2qEg_QKtnDUbb94YJ5L_Qney79ItBkNt17gwt5KDPXUppKZoIl-QoLWCjmuMUzZSpmWvFcDL88MlwRWYo4ROcfE8UYuP-jgXDWAjf1d7eMknp0Mj-fXJHAjw7LeyqemTteRt7oYr0XHl7jE_ZWjui52BgnNn0szNyfhVTLaY7zCTCarKAt3RtNqukFOOy7JpRG1WJngDUH4WWAAsyHcnzef0LjTZGhefeDlMteyLGztEuqULD11GxlpxTz4NW4ryHFx8vUDbwXivPBeGgZUIRdHkdZh4itL1m7sCXMPNtieS-w-_QAdD-Wk566VSY7UA5eqWRRfQV8Uiwb-bf00hFZyBVpns_iQVGhqlTIuSrO5zm5nEUeIaqylf9MXi8DNoNVxGw8G4-9sTuJ_W14LTI1plaq9Hf2uQP9PHtbxesXhk0QBx7hUinggljWV-Uc5OY13jo-x13u3mKZvj8u0cA_iyUN6JmmUMXIJdEGTEUmZi0W8jM6EYm1TfjYmexGxLR63kH-b9NF9BVo2dcsGLXhJfShH25W0EMYBhXHqqngkrcFZUMeojqUSlmW7dZP6kg2gNAwzKEhYfclCsCT3bg6QpM8cuZY9DJGsRqktrbRhh8KMIkD-VD4vckdUlIU9pGWVKLECzihaoozZcXWrFK-buB9rAnkO0s48bMun9rnRBqadG8hjE1Nn-xOA3vQi4L8JVQEGqNkFYvIPUn1rzuNIzSc2vbAJZ9WHuUmwsZY7ewpn-O9R7KIoNxKhLwNXkGLizKuIUg-_LdDK7h3v9DgEUCS8DWo5QFEsohUMbnSY278UxOpft5mqYJ3u_f5yMo09NeyteqHlxKG-dRNrQrrSBt5pt1G1HXBEmKOnPbpS0B_3BnRVgHEMKtf7LeMOiu_4xhA9HQKqVBO9fsGJUOPuX8wjIxpRdTmprDz7EEFzVKSShxXZMQb3h-WFtMyql2B3myUkFcoNOns2fJfD-r6o4ch-KEaTOE_2gWrg1LFBrokWcqR7GKV5sido
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 142F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31069329
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 20:51:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E16B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 15:26:20 GMT
expires
Wed, 06 Sep 2023 15:26:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 92C6 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a833780079afd26f7dcb41de754726aa4a94abb8dcee6aa62c6ded25c9700ca8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wmVrxQjn9_pQTcSKTCpBxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-wmVrxQjn9_pQTcSKTCpBxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 20:51:40 GMT
expires
Tue, 06 Sep 2022 20:51:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame E16B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 19:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Sep 2023 19:40:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 92C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220901&jk=610479110487878&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E16B 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lsLeUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:51:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2747 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220901&jk=4417266648250826&bg=!2dql2p7NAAZTikH4c4o7ACkAdvg8WoCmiXusNiaSJf_H3L1AEcC8LQjdcuzh-WQholKJQYkGr91-twIAAABpUgAAAANoAQeZAu5ffbBgv_TUqS2AQF6nIldywt39tNL-7UnCVG2UXJWzC3zaTs9-s2Rd6zw4byUl5-AE7bVxg1L-ru-eoi5iEnZE4-n4HxI9H7NabLLoVy_TKNk92k6vpEIqWpkMEJdMm0A710JPidqKwbC8oHrChEOEPXlpcrbVwCnhVKyF1tIprRvZnwNS9hUZ56SHAPiceeSQuXeIMYeaJLYrHIxEX3llLMBrplPnQmte-XImwV0OF5x9A2Pe5rDrCP4T_T_vRVXHALljsK7AiiyHF1aV4ndF7ufD8ub82Zj03TIcWaMl9mBalWgIosm5VaXAJz_pxEtHZboXHvBphhhV3uF5iYUW8YJH-M3tOEREkDUrg1ES-vHOtxnNx4jBM3vPhwujP6ICt93nJz4mLUhkVGOK1z1QZDMCAQ9gH4YTMbrf6rtlwecc8lzQRW7p5rnYNdi4jBqObKnWIXoJBtg4g2AErHgX7DGo-B919Prprv6e91XEutIwukxGyY_uQnm9TZ-30B5yNAhlkJMoNy4WWAAo09Cdxgv0ESCQoM3moi1QoNlI-F_hUxG9OretcQBGV1QDqYUzserCGKWq5g2ShmcZVGYmDYhzRntkJ6qllv59ZRzgxpiLrMQQ6-k_ZR4XC_ocCCumhsoYFaruRum3tr3xebCqEAOqHYyQFnPkz8NsZVFoFSdjMIyx2o16u8UmHLFud9cD9892H3su7Hb4vQsqN38yIf_317XjxomLGA8qyEv8o7rnLl8f-VgANNROCEmbipnXEH2qrSIV1GtswoTAFHBoUASyfHL5tU7TibJrxgL9isVu9s-slwY9HqdcRFIUpzw9K15F5o_S7IpEcEvebKgDTUTMo-K1rzXtCDY6DtXXWqucKIJsno2f2_bFQY6t-koQAH-KPzcGJPqio6naL9aVHYuH0Q-2oup9_MuIhFI6cbOB2j24x8dmv18Kv5I0rYpoNvs-5HVIc30ArD9oovYFDDMaMujMzEegb0B9VCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E4AA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssneMyQP-my7P6u3XFhrXz6mpnQcmQELhQPCTnzHlNaUx1Ep9wlXFnzIImNFH8dBDp0HprvPF7CE2hXzLO4lUnsk3H-6NDDYvf-ljHVH5UbjXQZ36o9GPme_A9wBbSl4ug9a3VoiPCxYwptWeBhRAjXbd3EXGgWLt_X1Q&sai=AMfl-YSg15m23W-ZZaTE86QhPKiucU-qFjPPJwiLcmNKCilsGj2pSYP8M1zOvG0F9qsBCWIG0cIwGshvGDBcK3doaPAp8Tanx3bvGI8&sig=Cg0ArKJSzHy7904h83RWEAE&cid=CAASF-RokFzytXNq9IqWQaYOXBsUI0NQ7ZH0&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662497498749&rpt=660&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 142F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220901&jk=610479110487878&bg=!x8SlxIDNAAZTikH4c4o7ACkAdvg8Wgq8JYkDRMerEvjkgw-dWs1YdzunLO1DnI-dILCY0jOFibxDxAIAAABWUgAAAAJoAQeZAvNJaLGCvb-r_MKtMguQkCwBz78MKbjSXRRSTUnTfJx4_aO0YGCIuex4LC_FGybnuI3HSxGKDIXnbuqt6vsf0GEUROn8dJ_baDySSLpdbMRZFUH222nVKJlBsb0d45Kpyfw5I5DEaKP50umjvnXf3wKjIBXvl5sI4S9v7IObDP-qdRmaFeGNzLAnJhx2FR4HP68OL2rRAkgBrdWdeQp676Ryy0yvMr3dlwYyYaCEzCKWYcB9vvcV7kDKAi8xWiZK_PiHf6Tf-m4Tr8GHX1tYbI1ctV-ohj1Xt_7Xl7tRfIBHlkBwtxxob-S3GYxQsMEuaEZz0pBEFWihW8OcTQ4JmxBTtsQWoNj9ChqrFuq9djP55Q0i9tlX5vtR7-kitqw-qYU_U_wv0iw4vlyQzaPIVm3GCAA0EudyU_tauUaXXH3bXx65z7lMyaVgVzC2f2WzvKXis444dqb4IuEePRPqxBlkXPNh2V7GVY-pigQgW90402yoR-x6lW1fuiyaMqDB2UuLyiMSHx5F8mCt75H4SVggxiwscvuOHnRLll7nQU2tzg6OaERCL90T9T7d40un-aKHiD_yNi5uEf9MgTltIE9UKUC33p3AYVoASfyQX8k0tM96ecR7eyqcOY4nvXI9nTiPB_jGORn_eK_3p5N4gY3mqw84-L-K8vespi_TtzWR-sc6mKmRcCrdRiTDYYXrbug0aqcsdjzPNf39lAuJK8zXf9XnzkaZq1vF9vzaubXF7bvdaY3-BDyxDSjxVVmG9OihnhCBDKCZ83T1YjkPBBA3BXExmQLicanaV2cQlfbCfpULZktwhSLj2BTTIR7X6VN9Q2Nt6bszdLqATuM6AaFw8zdUaq3tLBX8DBfhc1w-erX56ZTs9fBY2BOZn46kmZUhc2ySiSScwNEDG0T6FuRKsEOEWakeXil8En9S1Q645TXlYzPfpT5x9r29YtT4sLED6DIphiA_0L3utEIY5YKvGly8_pRcgp06sCprnt0ay9895Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 9778 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_4FAlokE76R3BNDp9n_917Ygcmk42NuSL_muUYojhUE8M7jQb9g6sq2lq1ZldY8MLBFtEp7k7uU5BXN-2DE_wVAqpG43YpDbd5YYUXHBKXrEC5FO4F6_SZ87Z9PJYRl4n4CS0qg&sai=AMfl-YRV3-o6-P8IIqYkxRCQ22JrrwCfQ8ownNTXvnIBFVUfHVqJImIvsEchWRSVxJgKls9epRGYi3YGiKoX5gUXPb-IywvPn0nMhbWfriWsaYwAHNMaDrt1LrTMcLo&sig=Cg0ArKJSzLqySveVuTT9EAE&cid=CAASJORo74aCqPI_co68wmEahVXas7FWv9tZWs7EykB2NB6T6nikew&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662497499164&rpt=634&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 20:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKFJqw7hiGF_pkIKf3xX-HM&google_cver=1&google_push=AehlK4BuoLcIlrfCL6by1zDD1kdzJDpqTp5TKfkG2RYDnZCH1G1LzzB-ElRnHyEy6seRLxYOX_1yI7_L96dmV2XQnanW7RnoOqz4

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| ElandTracker function| stfpjs function| cookie_mapping object| Scupioads function| hasOwnProperty object| scupiosdk object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| criteo_syncframe_state object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

40 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1662497494926.719615353
.facebook.com/ Name: fr
Value: 00N8IPTHVpGV2S47i..BjF7LW...1.0.BjF7LW.
.reurl.cc/ Name: _ga
Value: GA1.2.930838179.1662497495
.reurl.cc/ Name: _gid
Value: GA1.2.864080584.1662497495
.reurl.cc/ Name: _gat
Value: 1
reurl.cc/ Name: CFFPCKUUID
Value: 2763-mWmSa24VSYOwnaWmTBxpHcwxbfprsHOy
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 2400-7MW881w0A9XYUase4wKsnFEYrxU841Bv
.prnasia.com/ Name: __cf_bm
Value: 3nbQf7Fu7VhKDJ8R5apEYtTvAB3Q88AA5snpTUKmTrI-1662497495-0-AYgZcd5BOwNEkVecERFL+vq7aHijfbDzzNHYwV16fcYQxlRDJt+IzDwS9P6tAHMjyOBOtLHxFMKP3YHPC77YWDQ=
.holmesmind.com/ Name: P
Value: 859360-96aUE8lyVPKwDCljPTiem5LS2ATJgjkq
.holmesmind.com/ Name: Vision
Value: 20220907-23:59,20220907-07,20220907-07,20220907-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.criteo.com/ Name: uid
Value: 4b189f89-fd0f-4b24-a6c8-08d6d2d163c9
.hinet.net/ Name: uuid
Value: 7c449a90-99c4-45a8-b09d-c95f3f18d280
.reurl.cc/ Name: _ht_50ef57
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlgFI99ZytpGrmSLvRpJeax2peB0evRbKH0MgvR2vGGI-hwPR50cDPjWhpVV_o
.holmesmind.com/ Name: fcm
Value: 1
.c.appier.net/ Name: _auid
Value: 0Z3p9ENoDQqH1snX2LIXYw
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: cto_bundle
Value: HGahnF9FNnhxbkVrNyUyRmU2aXViWTdRRGtTbHFMZEdwSWs5dWVEVEhDQXFSeGxVemw0SlF5bzc0RU9wUDZXR0klMkZCM2EycTNUMDRlRU5DSFFWZUFrR2tabEtuaEpzQnZZUjVId1F5OEVmM0slMkJPSGNCMEVJY1ZyYllVWiUyQmlad1lsY2h1JTJGaUYydyUyRmNxRmJlc1QyTm5DbDNxVXJEZXclM0QlM0Q
.reurl.cc/ Name: __htid
Value: 7c449a90-99c4-45a8-b09d-c95f3f18d280
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.scupio.com/ Name: fxc
Value: 1
.scupio.com/ Name: gx
Value: H4sIAFkjGGMA%2fxNmYGDg4ub4dXHyv89TOqwFWIVYOOwFmABMf8nMFwAAAA%3d%3d
.scupio.com/ Name: gxc
Value: 1
.aralego.com/ Name: sspid
Value: 8de4e1a2-2192-37ed-93a8-c392c0edfd46
.yahoo.com/ Name: A3
Value: d=AQABBNqyF2MCEFzmawgkVyfsJU-O95UQJsgFEgEBAQEEGWMhYwAAAAAA_eMAAA&S=AQAAArbiqsPArb8xlpBPOPT5HSA
.scupio.com/ Name: OrgKeyValue
Value: CHA20220907045137636754
.scupio.com/ Name: uxc
Value: 1
.reurl.cc/ Name: __gads
Value: ID=4a154e35509040fe-22e9721915ce000d:T=1662497498:RT=1662497498:S=ALNI_MY2tR6utaAjKTYAITzKAvhxH5tJTg
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: Yxey29Ntd9GLIEshl8lTfgAA
.casalemedia.com/ Name: CMPS
Value: 5160
.casalemedia.com/ Name: CMPRO
Value: 5160
.adnxs.com/ Name: uuid2
Value: 6878756895974200237

3 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13243569959638451932/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1662497498&url=https%3A%2F%2Freurl.cc%2FGE486v&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662497498464&bpp=14&bdt=412&idt=270&shv=r20220901&mjsv=m202208300101&ptt=5&saldr=sa&correlator=7378697288917&frm=23&ife=1&pv=2&ga_vid=930838179.1662497495&ga_sid=1662497499&ga_hid=1585925989&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=66188118&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=4417266648250826&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pux83iswozt3&fsb=1&dtd=283
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13243569959638451932/index.html".
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKFJqw7hiGF_pkIKf3xX-HM&google_cver=1&google_push=AehlK4BuoLcIlrfCL6by1zDD1kdzJDpqTp5TKfkG2RYDnZCH1G1LzzB-ElRnHyEy6seRLxYOX_1yI7_L96dmV2XQnanW7RnoOqz4
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6d18858f6c3c6302aa1f516eef96cd83.safeframe.googlesyndication.com
7c449a90-99c4-45a8-b09d-c95f3f18d280.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bfbe74b7c569249406a4a5423692f87c.safeframe.googlesyndication.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
creditcards.com.tw
de70bd22-baeb-44a3-94bb-14cd46e17526.t.ssp.hinet.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.360yield.com
mma.prnasia.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.scoota.co
rec.scupio.com
reurl.cc
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.aralego.com
sync.targeting.unrulymedia.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
sync.adaptv.advertising.com
103.132.192.30
104.18.18.126
13.224.189.20
13.230.137.226
151.101.66.49
162.210.196.208
172.105.221.240
172.217.16.130
172.217.16.194
178.250.0.157
178.250.0.165
18.158.190.248
185.89.210.46
192.0.77.2
192.0.78.187
192.0.78.244
192.96.200.41
2001:4de0:ac18::1:a:1a
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
213.19.147.45
23.205.235.133
23.75.240.210
2600:9000:20eb:8a00:0:e06c:e940:93a1
2600:9000:21f3:e00:3:1794:2540:93a1
2606:4700:20::ac43:47fe
2606:4700::6810:fd04
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c0d::9a
2a02:2638::1c
2a02:2638::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::485
2a05:d018:d29:3602:330c:6850:f997:69b7
2a06:98c1:3120::3
2a06:98c1:3121::3
3.124.103.115
34.102.176.152
34.117.219.39
34.95.67.231
34.96.119.68
35.185.130.121
35.186.215.140
35.201.76.93
35.227.249.156
35.244.196.223
51.89.9.253
52.16.225.88
52.68.234.1
54.72.207.25
69.173.144.165
69.173.158.64
74.6.138.64
078faf153830306b0fc86526dec3bbc456c3792f867934d952589b1e6120c79b
09231ab80770934e3bb11a071d207db2dc8b6d01e3ea524197b90c4c36396090
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca26a1ea3dd8aced926b746e1e7fba836618f72513a82ad857991f16dd8613b
0cd39e6f26b52b1f624ef0ba9af33d1462d3ea7fae567340a1bff76cb0a77d1d
0d4a348c4e97036c8b30dcc76ceed47e8726f12945e2ceef545440f01cdd7685
0d4d0fad25b7914bce391d84e3980c5e2c918c14faed6b89f3506d0dc8a1547b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12bc83cd3d7f1a3dc4371c98bc05d1daaee800370ad2e9219afa7d41550d2de1
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13e489437eb5e0a8fca4eb72a5340a380644bf3f18c90cd93c4dd10a35b0f3ad
151399565e841b5bc0abe1bdd07b7f7143183fd6300518a14edc5fe665fa48bd
17d57538011219c60aec91ff6d35c15abda9314d0f692f071843563e730c0858
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a70ddba11bf36ff0f38237fb467dad12bbc3bd8f6d8472a75ad93d630e751b3
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
215d586421ace57bbeb7d71662d5b934ba0920c7749b2982e1ed1d7b3522b6df
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
228ed27c5709ded3a4ee236927e9fd6db15dec2f0f2509b77cba799107daa65b
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
22dd4b58a0e582425cec50d94841cd72155edc012b42c84576add2cd672000d5
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90
25d42eefefe5622b148f94c8c82dd297805a6b987c5a4d8e2da65f2397992753
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28a008879e1b9e67d23125f4627ffd4c8e738d47b9820860da4f27dc8c6a037f
29c7902eabb7adb7094f332a003468515faf5685a587f5c9618ac74a3ca1c0d3
2d54603fd4481951f3e4ccb362f9e6d97a65e2516cf2b68ce8ca771b3bc9dda2
2dc59097a75277176a58499dc9c118020ec37976f392b96a76704ed444fa2396
3627578c97087f0edeaef535e297ccae05a50014a95e95f12534ac9bdda47d29
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36dca21cf18cf318853921fc7bbab0e2bd6d3a7d0f4fcd8b002cb6e91b32087f
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d
3ec6c20917b275ab192bd889c6c20ac80560ac6331e5bde1ce23aedb3bc8deea
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40483d572e14e4690c54b8e14dd955f3f97696a48d9ded7c65d1adb8af09b17d
4063cb985703d3943b546ca69dbbc96ca18da2316dced5856d09c2b2f6bf3074
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
4591c41a23e218c98aa5d30b44d786150e3f34d6502877c3545d2f733ce9b436
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b66c2ccaa3fe4120f86382ad2d46cde7f9cc1e002e4cd97723acc123db6461
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d73e8a3460f7d0a6d772cdc0f0d81d551bc98576ea5a8535061eec0935ee83f
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55854802eab625cd794ad36f7b2d44150cd9379e676f66ea5aaa76518465eb3c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d3da37e04b89af517579e92611c9445d0022c73efe375a2742935cdcd0bfcd
58198173ea6444feaeb64ef76fed8f3a45a0faf74a89bed485485aa64f916311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5b098d2faca0251b7f5131e05fcb412642b2c459a71885a7dce3561a7bccdd3d
5b7ff1cab81b0c30a68b3e27f7720bcf2dd1956912d7a3b57addb32f71d9f393
5ca444e32f5c7231d8669cdbc0a642cea05b3db75e5fe6189385e01583e5aba3
5e9aba51285654b771ed54969cc04a459808c7177c9104cd7acf6fb32a099d35
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60ea373057de7520f017d7ced2dce303747cf717e76b8594a05ed26428f144fb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996
649bb51c7988e50a72ba3202a01713b60c3ca192847bc878e1505203418a207c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6762f30f0154800fb3918b9b2b85c5fb600058c6b38b1900c048cfc0738eecf3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9c2c13a736cc4405b4bc0dedabc92edeba21888d4dc7737c050dca70a1b82b
6c54d1bc2012f4e16384ff0386b7e4970ea049f5e78ac9a7f08c47ceaab26214
6d564ee850001507f3fd0ac9ce23e4c4e5459062f095869bcbf7a65efb0f619e
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
7211e6781274b87f592ada564da109fca86c9da54e9a50ab37d0fdb6f0e22e4a
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7
79ba062e591b1cd913c80a3a50b05160d227e482420425018268db6a327ee86e
7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769
7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e3aebdf717e37cc765a6f4404cde0d200e7b8f62d4e0c9922a318b544979bf5
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
830c4c982b5e5e5fcc39f267c7cf289c3e1bc664bf9f591d5be39ad09528e5b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
83c664de923e3404fa4d802e220c55463fa423844f07184528aab1b841766d78
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87422baa4d8decfa5c93fdfa9c7ecc6888e75984f37d3aae68ba867fd52dc0fd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b6ab43f26780e43a94664e734a2c13f13b746e77c140ac4833fc2d8aaf0b59e
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
909b56c47451ef73e3685930dacaf27a007e65b1ab2e46bf2fafa2f8766007cc
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
91eb9adc2d04829e4360211349482a4294d872e051b8f4967a0a83d9b036aa2f
93848152b280dd0aced8cff4b318a1fc68be484694c41ea675132c9a269bddf0
9478e704767afc0805e5a7d79aec5a4a1d5a2279d3a3418f885b42e234284d8d
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abfda65b439af48631f96c926b8f3590e0bdff2fb81558867d0405bae19e344
9bcd2276fce67d340eba6667763be3692e175bc864d2b001e30ea00c89cbe603
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
9f1c30d3f3f0b2a418e6d3b735ab2a2a73ce6522b0c97a2c1cd8e67b247dc2f4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00d1fc9ef0b4b77d6100090937f10c5f6092edc86be236ca26f76614d795ad5
a024558c7bd1977df1d60ed18f624953f4e8c7fc936152980c1afa4346d80faa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a2e7649b6955bf22325434e8e7fb7ff7211f836d4976197e80f9056b06fdc3b6
a35963001f061ff61a2eab6be76cd002f4f6db8e717dc8d61d38a6030546ce9b
a4379075b3fa8d6eba5f4dfff40696c76d80fd61349989b693d42c1e761f14d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a7d1ad0006cf1950121ad6835c13ef6ed3a5bcb8ad583b3b072d5cd776bc83c9
a833780079afd26f7dcb41de754726aa4a94abb8dcee6aa62c6ded25c9700ca8
ac91914ff217a1e51a8db3171a0f689fd3577d72a5e926b9179b90a694355b87
adb8a7a253940fb66d417f28392bd7d0c7e15f30de603ad4756e7acd2fd6b0b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8c6136595007e680cd30c53c0ae4c8084809e459ddab035f56b8f3a9525922
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03919a01615423f8881da95bc3f1f9a9f6d8330fb18c710f1dca463e18fe6d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6753a62e0b50dba9eaaa92bd19154fa585fc47a1dacfcbd7bbeb7306d2fb681
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
bb245a239cb23804d33118c1beadcaaf64739662cbd49e0b84caa77de1f0d75a
bc71a05215f54a1bb4a16508fb84ed84e31a97f7ac0a4fbf49ba9d023131f3c2
bee51233f1b4d46f9d8084127f2aae3ae36cbd9cba68ce34e70a9d046aaa7129
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
cd302d50a31d96d73822050f4184baf2fe93e0e38d0fd2f4f4783ed6dc33c0a2
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267
d106b52be51cceb76c964d7b72f98a4e57ecfa07e6c47377adf2e3816c5d94b4
d3625003d30ae778418ada878092b90ca4be5918f00c6fe5825bf8a34d787cc0
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5ecde7dcf3a9d9507633562104fd12ce7087d4aa29c6e2e09ea16a4ebddf5a3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d79b2fcf1a0aace74fe185f3bf58af9c0ca1dca2a5526507df2e5993a40603cd
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
da8eb35efab0bc6643deddbbbb38200db3fa4e093ad52480b457ce3263d2e67d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db087061449633412585677f7951af1ced81ddb5cc4c43f5c9575a04fec52b1c
dc03d96af9f1e84e7720a87c54ea1000a5bd2c16b24c6da224fe72de9010cfaf
dc9c82e22cc8e4786160076e3d7a8401176b9efbfdaef587c55d443edff6eab0
dd0e6105830807eed3fa90db33dd79bb436b03ef5cfe148eda8a19eaa0d7f930
ddb8f85acace4268d38d131835f214f5fdc9b5ee04d86a3c576cb70547219212
e1aa64b0abcf314497e4152fe273728e6a0d02c2f1ca0849aba06368b87bfe10
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e54e601faee15c866fc80659f34bf9b78048d72901b77795bb0109d4fdabccf7
e5d7cf8170dfa0e5b3c496b63c8225c9249a8424df4ad728377e5d5b4fef28e3
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
ec92c979c02376ec9a291ef5543acd565b5311b823193895a2d43ce9e5b8b960
edade1b328fe21499058c22e4a1771553b74499c960580e719061d5fad2ed309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef589598a2e7f53b2d64dabea0957822a6ee33e921023cafb6b6bd78ff125074
f00e821b1332a58e3d148edf2a39915e4a1b60f0a66b9a2b5e6a210b9cc24983
f039c920bb5417936d4737f1a45af696ffa6d11caecc45e5e1e8216568bf8e07
f3c04d7b56d97ffd98246bf9b0a3b75bf982d9f1723ffa82cc7f495edbcc3656
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f5076e83673a9dd158f53364dd014001af2705977e6200184769bce745ef43a3
f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f733b80a77aeed329f3b0e4b38c7bdb342a367847fac6a8f9647bb48c333aa3a
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf