reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/
Effective URL:
https://reurl.cc/main/tw
Submission: On April 05 via manual (April 5th 2023, 7:32:00 am UTC) from ID — Scanned from DE

Summary HTTP 309 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 59 IPs in 8 countries across 50 domains to perform 309 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 304750.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
1	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
34	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 1	2400:52e0:1a0... 2400:52e0:1a00::845:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2600:9000:239... 2600:9000:2396:2600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
37	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.135 192.0.78.135	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.36.179 34.149.36.179	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
6	54.65.46.111 54.65.46.111	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	() ()
1 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:9000:225... 2600:9000:2250:1000:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.114.128.184 3.114.128.184	16509 (AMAZON-02) (AMAZON-02)
4	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
5 10	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 5	172.105.203.31 172.105.203.31	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
9 20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4 6	185.80.39.216 185.80.39.216	() ()
3 4	185.89.210.101 185.89.210.101	() ()
2	35.244.159.8 35.244.159.8	() ()
2	2.23.197.36 2.23.197.36	() ()
4	142.250.181.226 142.250.181.226	() ()
2	2a00:1450:400... 2a00:1450:4001:813::2006	() ()
1	15.197.193.217 15.197.193.217	() ()
2 2	213.155.156.181 213.155.156.181	() ()
2 2	185.64.189.115 185.64.189.115	() ()
1 1	69.173.144.165 69.173.144.165	() ()
1 1	2600:9000:211... 2600:9000:211e:4c00:1b:5138:8a40:93a1	() ()
2 3	51.89.9.253 51.89.9.253	() ()
3 3	213.19.147.45 213.19.147.45	() ()
1 2	46.228.164.11 46.228.164.11	() ()
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	() ()
1	185.86.138.153 185.86.138.153	() ()
2 2	3.71.149.231 3.71.149.231	() ()
309	59

9 35.185.130.121 (Taipei, Taiwan) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::845:1 (Slovenia) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:2396:2600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.36.179 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 179.36.149.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.65.46.111 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (None, )

ASN- ()

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:1000:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.114.128.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-128-184.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.96.119.68 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.105.203.31 (Tokyo, Japan) 5 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1857-31.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-181.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (None, ) 4 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (None, )

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.197.36 (None, )

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4c00:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (None, ) 2 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (None, ) 2 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 136332 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 196998 fcm.holmesmind.com c.holmesmind.com — Cisco Umbrella Rank: 103184 adcdn.holmesmind.com — Cisco Umbrella Rank: 147657 ad.holmesmind.com — Cisco Umbrella Rank: 99288 m.holmesmind.com — Cisco Umbrella Rank: 278361	243 KB
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com	474 KB
39	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 googleads4.g.doubleclick.net	389 KB
35	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 760 scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 10034 scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 9803 external-fra5-1.xx.fbcdn.net Failed	590 KB
22	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 79559 7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net	24 KB
15	appier.net 10 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 44243 gocm.c.appier.net — Cisco Umbrella Rank: 2331	2 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	621 KB
14	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	87 KB
11	reurl.cc 2 redirects reurl.cc — Cisco Umbrella Rank: 304750 storage.reurl.cc	40 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	4 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	53 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	128 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284 www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 748	1 KB
4	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19777	681 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 7832 www.google.de — Cisco Umbrella Rank: 5216	1 KB
3	onetag-sys.com 2 redirects onetag-sys.com	825 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	91 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	802 B
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	647 B
2	2mdn.net s0.2mdn.net	26 KB
2	teads.tv sync.teads.tv	344 B
2	openx.net us-u.openx.net	418 B
2	googletagservices.com www.googletagservices.com	98 KB
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 74829	3 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	80 KB
2	re-news.tw storage.re-news.tw re-news.tw	32 KB
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	quantserve.com cms.quantserve.com	465 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	573 B
1	smaato.net 1 redirects s.ad.smaato.net	441 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	adsrvr.org match.adsrvr.org	265 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3491	488 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5346	195 KB
1	rayskyinvest.com www.rayskyinvest.com	41 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 915285	58 KB
1	racingcharger.tw img.racingcharger.tw	405 KB
1	creditcards.com.tw creditcards.com.tw	73 KB
1	gbyhn.com.tw img.gbyhn.com.tw	116 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	601 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11957	728 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	81 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 22729
0	mathtag.com Failed sync.mathtag.com Failed
309	50

	Domain	Requested by
34	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
33	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
30	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
20	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net reurl.cc 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
18	t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com reurl.cc 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	www.google.com	reurl.cc www.gstatic.com www.google.com tpc.googlesyndication.com 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
10	ad2.apx.appier.net	5 redirects reurl.cc
9	www.gstatic.com	www.google.com www.gstatic.com
9	reurl.cc	2 redirects reurl.cc
8	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net
6	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
6	www.facebook.com	reurl.cc static.xx.fbcdn.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
6	cdn.jsdelivr.net	reurl.cc
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	gocm.c.appier.net	5 redirects
5	fonts.gstatic.com	www.google.com reurl.cc
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	bidder.criteo.com	static.criteo.net
4	prebid-asia.creativecdn.com	cdn.holmesmind.com
4	ad.holmesmind.com	cdn.holmesmind.com
4	7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
4	adcdn.holmesmind.com	cdn.holmesmind.com
4	c.holmesmind.com	1 redirects cdn.holmesmind.com
3	onetag-sys.com	2 redirects reurl.cc
3	www.google-analytics.com	reurl.cc www.google-analytics.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	connect.facebook.net	reurl.cc connect.facebook.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	s0.2mdn.net	5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googletagservices.com	5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
2	d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid.scupio.com	cdn.holmesmind.com
2	static.criteo.net	cdn.holmesmind.com
2	m.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	region1.google-analytics.com	www.googletagmanager.com
2	storage.reurl.cc	reurl.cc
1	ssbsync.smartadserver.com	d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	cms.quantserve.com	d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
1	r.turn.com	reurl.cc
1	ad.turn.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	match.adsrvr.org	5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
1	i0.wp.com	reurl.cc
1	re-news.tw	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	www.google.de	reurl.cc
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com reurl.cc
1	scontent-fra3-1.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	storage.re-news.tw	reurl.cc
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
0	sync.mathtag.com Failed	d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
0	external-fra5-1.xx.fbcdn.net Failed	reurl.cc
309	76

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
aiieyes.com
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-02-27` - `2023-05-28`	3 months	crt.sh
anymind360.com R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gbyhn.com.tw GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
tls.automattic.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.rayskyinvest.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
re-news.tw R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: E809E08F8BF515B25618E4758D7C3E84
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html
Frame ID: 7A377ADDFB8D8A4F43A80F1467676BD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680679913&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680679913398&bpp=2&bdt=705&idt=178&shv=r20230330&mjsv=m202304030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7622034864295&frm=20&pv=2&ga_vid=400798822.1680679913&ga_sid=1680679914&ga_hid=724618695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788217%2C44759837%2C44759876%2C44759927%2C31073581&oid=2&pvsid=1862533163576936&tmod=628033227&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=196
Frame ID: DC7991C5D28A26E27D35F153615ACDC1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 616C764365033E85658752B891969437
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=x2n1mjr5x0fz
Frame ID: E84EC2B9D63FEC705720175F069C5C8A
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: 5AA1815C4637EF7F72DE6304E762A569
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 49BD38DBA33ADA7EA413A1BF86FCD033
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8F2E42B64D4C40FB17310FFDE92A670D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E108A46072E0097A801D3940A9BEC7AC
Requests: 10 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 9F7ECC6A8AB216B63F660156D9DB0556
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DC81E1C90A1C0E0CB8E6C87A560C705B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: D94AD7B922DE9896DD3B48F0EFF1315C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 50549B7BF05293A11C67BE4FD72403A1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Frame ID: 4F929266BC023B8022F220FA2D4DB81C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: A4A3BBBF2C572BD5A3F04122B435F72A
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Frame ID: D14A5DEB4275508052F276E499FB45B0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8FA37019482A2376D31E01311E684145
Requests: 17 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 1DA9DA85285E009B752032791D7A3AFB
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 65E8C9B7676A554BB5805D8D679C27B0
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: C104502D1DC874F8D6E5E88472996FA0
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 059D810FD25E68C804AB779FEA6987D5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A2B1FADCB4C3C1254C4C9A76F052AE1C
Requests: 9 HTTP requests in this frame

Frame: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 98B996FDC633997A317864BAA0F2CA8F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CA6E54122793A41DBD21DD05D178ED24
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35973C340EAECE76D6F6869F02167440
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A1E835ACCBF5A86101E926706946466
Requests: 2 HTTP requests in this frame

Frame: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: D433B15B1D82F2867664D0479E2CA132
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AA9AA93CCBE23F5643BA4D5752CBF22
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B5888D524ED982EA5391C79CE1AD5D2
Requests: 2 HTTP requests in this frame

Frame: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: C9C8BE6EDD282B85BA331567CE247338
Requests: 20 HTTP requests in this frame

Frame: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 2320439926CA43C199F279819CD370B9
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTGCRGiy3535Litn_MEQgt8jHVogEyZPqSaGs8BCZITaowc5tY4WTpRe2mrAb4QfTSF-bwJie-2-FN-f5SIv-SPZXAtZ3eYE6hW2mxFvkY_rPWFt_7hlmtjrwiUHxdyuFDWmxFunsj5LC9qBWDD1JJ24xXQwxbJV0UT2n9GOVD4twREsM
Frame ID: 4AB0D3C6FB8A368AF67242A8D9DC3AD0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ
Frame ID: F2BC608B8012B52FAC0EC13C9528CE90
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08F91D56A478506CEC5666EEC94C12ED
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 988179F0B30FF9EB25FBD3C366458008
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5AF8A66E7506370DF1089D496170AC5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5A8D00E27D6380FD0A262795D9A819DA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

309
Requests

88 %
HTTPS

48 %
IPv6

50
Domains

76
Subdomains

59
IPs

8
Countries

4464 kB
Transfer

9774 kB
Size

30
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: 縮圖片

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/zh-hants
Title: 下載youtube

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: 什麼是utm?

Search URL Search Domain Scan URL

URL: https://aiieyes.com/?utm_source=reurl&utm_medium=cpc&utm_campaign=f202302&utm_term=testtype02

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/47934

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/283089

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/37983

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4057199_XG57199_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/98387

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/64019cafb97a8a05a7412b28

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25257

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 126

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 141

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEByfgVVO6r1hicxfvJQalns&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEBRLkKs8jTC8yQvCXygB1-E&google_cver=1

Request Chain 187

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

Request Chain 193

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

Request Chain 209

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

Request Chain 216

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1&C=1

Request Chain 254

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC0j70GsDFZdmeu4QnucIQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEV9kghjPwLdHH8NDc4RaaA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEV9kghjPwLdHH8NDc4RaaA%26google_cver%3D1

Request Chain 256

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0NzgwMDc3OTIyMTg1NDkwNw%3D%3D

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMyfeqUrXguRUnsTrjI9p4M&google_cver=1

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEBqJUvO-oIrjVX3eUfltC1k&google_cver=1

Request Chain 278

https://d5p.de17a.com/cookies/google?google_gid=CAESEGyeBzdxSl1zNrtm6nSZZIo&google_cver=1&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGyeBzdxSl1zNrtm6nSZZIo&google_cver=1&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U

Request Chain 279

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMerIIz3GkvRYoLdE7mQ4HI&google_cver=1&google_push=Aer7DvLNWt9sIaYilqZfhOc2w0gJSqJfmgDuBnwQJbaZ3IHA7jq3XFCy-eQIU2QoS_xu0vjG5Z-MPHW_uWdogcAmDx5vJQ9SoSI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMerIIz3GkvRYoLdE7mQ4HI&google_cver=1&google_push=Aer7DvLNWt9sIaYilqZfhOc2w0gJSqJfmgDuBnwQJbaZ3IHA7jq3XFCy-eQIU2QoS_xu0vjG5Z-MPHW_uWdogcAmDx5vJQ9SoSI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D3MLD1F1Q4K-sYtbzzwL1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLNWt9sIaYilqZfhOc2w0gJSqJfmgDuBnwQJbaZ3IHA7jq3XFCy-eQIU2QoS_xu0vjG5Z-MPHW_uWdogcAmDx5vJQ9SoSI

Request Chain 280

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPxtw6Vx5FWj_Eo3uM9UH9Y&google_cver=1&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8cfmjEcZ9D2odQAZuU--FGC82L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczREZIUEotMUItSlJUOQ==&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8cfmjEcZ9D2odQAZuU--FGC82L

Request Chain 281

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECYxNeIDocVNXho1RTkJ_I0&google_cver=1&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbDwRpXXfVXi9_O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbDwRpXXfVXi9_O

Request Chain 282

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHf7WB_2hCicvR449O01JV8&google_cver=1&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk4na9r6VWH3ee-XkT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk4na9r6VWH3ee-XkT

Request Chain 283

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB2mNk54qg4wXFhiuFG9jh4&google_cver=1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1680679919697 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3d7d4112-3455-48b8-b0e2-049ac9fa2a8e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8%26google_hm%3DAz19QRI0VUi4sOIEmsn6Ko4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&google_hm=Az19QRI0VUi4sOIEmsn6Ko4

Request Chain 295

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1&google_push=Aer7DvKNsTqeiC8jN-ADlchjL9pahl6A0vzoKedVQ-OdGFXc6k7JF0KrkoVohLX4a7wvky_nhaQh8GUEA31ubYgn8c2ptOHVaJFvvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5MzY4ODAzNzc1NzU4NTIyNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1

Request Chain 298

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_cver=1&google_push=Aer7DvK6YwsiV-Mrd6mRhJuRJm2RSrerJOlIWWhAabXRPzmX5d0DetRBOD_X0C1WKaLkiVmaUqMdJLMsufQDInf_tTvEPr1jqgMSuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_hm=ZC0j70GsDFZdmeu4QnucIQAAFHUAAAAB&google_nid=index&google_push=Aer7DvK6YwsiV-Mrd6mRhJuRJm2RSrerJOlIWWhAabXRPzmX5d0DetRBOD_X0C1WKaLkiVmaUqMdJLMsufQDInf_tTvEPr1jqgMSuA

Request Chain 300

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMvGrNOIPoZ9FgNZc5tR2ak&google_cver=1&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-OLKzitmqTNqCSPLwdaFawD-6m6MOmA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMvGrNOIPoZ9FgNZc5tR2ak&google_cver=1&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-OLKzitmqTNqCSPLwdaFawD-6m6MOmA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11QUROb2RaRTJ1RUR2eXBnS0pSdUN5b0xibFBsRklva35B&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-OLKzitmqTNqCSPLwdaFawD-6m6MOmA

Request Chain 301

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHf7WB_2hCicvR449O01JV8&google_cver=1&google_push=Aer7DvIIsY6cz1JspPtWhEYwNI_SrssAYNf5cjBrFLqCuX-ZJy6qIfMH6-p9szEumz6NsuHvNa0qlTztSpFXLR6PwKDHC3rFJ4uidTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIIsY6cz1JspPtWhEYwNI_SrssAYNf5cjBrFLqCuX-ZJy6qIfMH6-p9szEumz6NsuHvNa0qlTztSpFXLR6PwKDHC3rFJ4uidTk HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

309 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tw Show response
reurl.cc/main/
Redirect Chain

http://reurl.cc/
https://reurl.cc/
https://reurl.cc/main/tw

14 KB
5 KB

242ms
241ms

Document
text/html

35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 472fdef60a9c14dae3f16bc488545ba8ba1c728ced1bdc253362ffcb386d8d20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:31:52 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 07:31:52 GMT
location: /main/tw
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 44ms
17ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3625047
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR1mzYXUPwD9U1u1ijDHJ1Byefpj8G7N6NXe87AMbMWXizC0QKAreklkayFat6rMKNPzNkWiiiJN2kZUa%2F%2BsnFIANNFrhOYUrlUN1nl426kHqTwZNoYZtze%2B7zX850ksBJbi9cwpSKsRQCiXc84%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b30180e881a921d-FRA

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 35ms
7ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 00:39:38 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 24734
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918

GET
H2 403 ats.js
anymind360.com/js/9479/ 0
0 552ms
272ms Script
application/xml 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://anymind360.com/js/9479/ats.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 97ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91226d544fb70382cf764a6a42a38f9231a983b6e200c8461f216d4bdadd8860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47909
x-xss-protection: 0
server: cafe
etag: 3130708236866473237
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 240ms
239ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:52 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:52 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1087ms
275ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 60ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0265a3323ee1813e0fa34a3da6b7711be8c3aafd86975c42e5d46cf77be45fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

14ms
14ms

Script
application/javascript

2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1037576
x-jsd-version: 1.7.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-yyz4550-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zd045IfKZVAHhYfkKO1C0DrRYIHDoCsL85amA0begv0HQrekFcqmiCmy0yt4sD0nyR7IhkOe9jWxsZihPoqUKwuPfwhYT9wxZJGfBlg6L9FB%2Bs%2F3MkeLw5TwFJb5upq%2F3VCQV2h%2FZGdpHdUmpi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b3018144b053a6d-FRA

Redirect headers

date: Wed, 05 Apr 2023 07:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1070
age: 11376
x-cache: MISS, HIT
cdn-cachedat: 04/05/2023 07:31:53
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
x-served-by: cache-fra-eddf8230071-FRA, cache-chi-kigq8000055-CHI
server: BunnyCDN-IL1-845
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 923a8ecf58fd84f8158cb05b03eda0f5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 47ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8898095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Efh4uqnfK9MNPZmuV3u05XNEx70Nm%2B7ALm%2FKbWC8hBQ2hpo06m6cjieaVKAI49rRwKuHQ8HWZXWYLXtsjolwERCVPhhjET5TP6dWI4Bv5YORfyt%2Ftf11BjiDSWGNjYvQvpdZ2u4bfOZsv2BKfDk8Xw2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b3018122fc12bc2-FRA
expires: Mon, 25 Mar 2024 07:31:53 GMT

GET
H3 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 66 KB
19 KB 27ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39391
x-jsd-version: 9.17.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230045-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oQxkOcPqU393kIrRDbeSP4vjtzxVtIYSid%2BeV6dUumgdkUQN%2FyvOecbuZ5rGwiOlaCxeu54O5Nz2PWYsXkkCw1LDF7NPX8gjLjgLgzribCRGVvtqO8hj2258WEgxZ8o9iKIGDxI8rW4rAG4kRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b301812088d3a6d-FRA

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 4 KB
2 KB 254ms
242ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-efa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 86ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92f417353244bcbcbe333268dc2c44e69066c723dffe204bcda3bbe5048fded3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47942
x-xss-protection: 0
server: cafe
etag: 10710833119995045215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H2 200 aieyes_720x90_2.jpg
storage.reurl.cc/images/ 24 KB
21 KB 15ms
7ms Image
image/jpeg 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.reurl.cc/images/aieyes_720x90_2.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9cea8bf1b593007a1a8b4ae46c4781cbaa12670e8fccd253d787125eea07b2b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:14:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 06 Feb 2023 15:10:38 GMT
age: 4666
vary: Accept-Encoding
content-type: image/jpeg; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21715

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
31 KB 17ms
16ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3625078
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlbFpdO%2F9nf6wQJQitLLhmL%2FWmeRLLJK4M9wKB%2F%2FP2gpkN8Q5nJmD8RdUkySceeN0yjfHH6TV1gJtMT001gW%2BCXo3OkNphFxEn9GRPJMd5wUoeO82WwW3%2F25e6IhjdkfEb4WCtbGhi0z7KEHEqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b30180ff9ab921d-FRA

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
17 KB 19ms
18ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3624761
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4526-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7oLTmY3v13gnNoA8JT1CrLOKbyGmISSMjjFVBktz1zT%2FtNoo4maS1ZqozLlZVKehE7w2aWgSj1AJ7h3ul5GTlXzGD%2FBkMiezoV3ffXgJbpx3uSV%2Bt7pCjRHDFdZiMyXtVjsYGvCjtaRaSzA5jI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b3018101e633a6d-FRA

GET
H3 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 17ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3624983
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9BFZAbqCXftEL12n6hpawXiaD1kAa0M3MYRt3B4ZRy6sK%2B3IJs09LP7%2FzshLAIS5pYkZ8XN%2BUJwOy5c2%2Btdgm0CaRJmjHPaHci46gpTqy1tb71X0kiJBGqj7HGZrYLVrdBO36wwfHqgalVhbXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b3018104e9d3a6d-FRA

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
17 KB 984ms
357ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: YZMOA73VlZIg6eVWuW5Xyfagq.s2oEDa
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:20 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: HEulhKF0_H3vQUYUU2DQ7LL9a16perc1dzBC4RuWA0EMlF_6CsFPBg==

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 244ms
244ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-46e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:53 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
879 B 61ms
16ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b356b30f869c97834461915d72eccd69f2461568c372bacc3a36bf2ed803b0fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 559
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 3 KB
1 KB 253ms
236ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=15
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 01:29:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633797fc-bce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:53 GMT

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 257ms
239ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:53 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 257ms
241ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 04 Apr 2024 07:31:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lW7RZAGls6msqVrLGUXaFYwYUv9MHFqzqmF5Ba7+ZfXdW+6Voe3IJzgfPEz+q2uVGeHJc/2NbihPeZFUHYtFKA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ 410 KB
165 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 21:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 21:08:32 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 233ms
233ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nciwlSWXwMmtxB+Air3xvMjMw977oVtqc2rTcvGalK/GXwCIeDeT1I4De7GYty5SrPZT4SK5lmjwLjeMnRvXww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 36ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3430&_p=724618695&cid=400798822.1680679913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680679913&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304030101/ 348 KB
117 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc&bust=31073581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b2bfc37e0b68001b27c4ffa74191320a3a2ca08ac1ca6539a680e13848b673e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119176
x-xss-protection: 0
server: cafe
etag: 14105329917039862240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/ Frame 7A37 10 KB
5 KB 33ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 23:22:09 GMT
etag: 2378337311435320485
expires: Tue, 18 Apr 2023 23:22:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 762ms
302ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 727456104982ee9656af33c88ff09b800de852444c31e78f295638b31925bea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1d1d-lREtRutwNQBaCWFqtBXUydfoUsk"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7453

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 46ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-9999486404371312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc&bust=31073581

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59ca1db7627a43046fe89e16e5b27c19b5e5a06e8bebf9167fe53732e2d41cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 86ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC79 603 B
245 B 67ms
66ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680679913&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680679913398&bpp=2&bdt=705&idt=178&shv=r20230330&mjsv=m202304030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7622034864295&frm=20&pv=2&ga_vid=400798822.1680679913&ga_sid=1680679914&ga_hid=724618695&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788217%2C44759837%2C44759876%2C44759927%2C31073581&oid=2&pvsid=1862533163576936&tmod=628033227&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=196

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:53 GMT
expires: Wed, 05 Apr 2023 07:31:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 06:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5201
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 05 Apr 2023 08:05:12 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 616C 97 KB
27 KB 99ms
78ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1f2fe3fc8b47fadd0bdc08f66cbf28173f433d5879c1714432a5f041b169635

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: GR1L1p4EyV7hhD+qR8Hty4QJC6KTMIxlfLv6O9nrL2Y7OWDe+yd1Hj8WPuKTPZ0HDfJUeqnjh53Y9JoBfBkl6g==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: povsQ7RC9sDDvHdyMcoXNJKc5Rnq7R4r/7ZAQ+F26CPTBJBYyoAkX4tTdnTrLi01F+/5Bq13ZKvaPnsQLOlrxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 14ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=724618695&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=41919983&gjid=812149779&cid=400798822.1680679913&tid=UA-102456694-1&_gid=866425897.1680679914&_r=1&_slc=1&z=8132239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=724618695&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MjE3LjY0LjE1MS42OA&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=400798822.1680679913&tid=UA-102456694-1&_gid=866425897.1680679914&z=1582583025

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 6ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rl=&if=false&ts=1680679913646&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1680679913645.809449101&it=1680679913335&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Apr 2023 07:31:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=400798822.1680679913&jid=41919983&gjid=812149779&_gid=866425897.1680679914&_u=IADAAEAAAAAAACAAI~&z=1736917418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E84E 48 KB
27 KB 35ms
34ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=x2n1mjr5x0fz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77f6ce97ecb9856cc270cfeb0a077095667f4f47fe26630994e82bfad3619a26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ksKGpl7IREMmQeDWIB4WhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27095
content-security-policy: script-src 'report-sample' 'nonce-ksKGpl7IREMmQeDWIB4WhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 oAvRVzS4StJ.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/ Frame 616C 20 KB
5 KB 27ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a91751f1f02d78175e9cd38947d12745be0260d4e39ae65b4cb8565428d8f760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oCeJCyqik8F1O6E4M3bxdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5136
x-fb-rlafr: 0
x-fb-debug: 23VAUh6fTwVKs9LUfxuXwLZbM+LuQnUF1mT4+QtQwEuhQbHL8aaNThX38/2jdc+Kay1OwBjXMszTQFdK8ddQ5w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:18:07 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 616C 2 KB
1 KB 28ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: qPAwpRVSuQA7RSWOWEceEq8SpmyallbkmdjKdQlAJAPUUuTdxtXosBVXgfyY0Ir1158RacxwwVPc6WSMB5zBtA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:52:14 GMT

GET
H2 200 XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 616C 33 KB
7 KB 28ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x1EIOauApyTRaW/nXejV3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6475
x-fb-rlafr: 0
x-fb-debug: lymNJv11fLvbbo+DJ7ipC7/UhJLCG2d8rrTA1NDWoU7NZNhcDjrAc3FKidKrQwgNRGxc4kynHkT8KxQxmFZn8g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:13:34 GMT

GET
H2 200 t9GwRKtkA3G.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 616C 17 KB
5 KB 28ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/t9GwRKtkA3G.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a4fa50b79e19d74fe9b591e9db8dc8677dcee7f8d88678b31c5e205dbd86295

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DQufHZ7XnsI98uOHJT4Jew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4636
x-fb-rlafr: 0
x-fb-debug: +Ovuo52OvLaVfdsZkKvCc7qxae7E07z5SHA/6GmUcbmWC+DGgQMT75o8j78utlc9obna8AxkXG7/OBRwiXXXZg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 02 Apr 2024 16:48:01 GMT

GET
H2 200 du3c8SH_B5Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 616C 300 KB
80 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e741e3e6d08ba44b9f033e6105b520106de2300fa686ebd673d91290badd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 68WFfu++q9RPoFVYM8q8wQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81167
x-fb-rlafr: 0
x-fb-debug: rz30eRM3tiFH0DE5dg6wFKr2mCWYTAzMZvrm+hUiCEOssTWIRJHeVDuOMlDPwmFShPIDDtI7OEgvlechTmOlLw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 00:06:24 GMT

GET
H2 200 sN8pzo7zgao.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 616C 38 KB
12 KB 29ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/sN8pzo7zgao.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A+MHdwa4tQA5oSoFTbkTkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12398
x-fb-rlafr: 0
x-fb-debug: Lbt4rASCq3YvC1eJETtTccnPb+1QH7Xy6JoIkulwG3vL4RBwSqSDdbmG+ggLHOogj2zyQY0cuZ5lurPxThDmDQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:19:29 GMT

GET
H2 200 x9ob8vCc1UZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 616C 53 KB
16 KB 43ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/x9ob8vCc1UZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x5WYKAb4xvJQC2ZYjHeJ6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16693
x-fb-rlafr: 0
x-fb-debug: bpFk6J3ls29u/lQS+S2IeHd/iRYqNV5OMyU2P5C2ggcrJdBLC+xBJgq9GNPQtHB+WOB58ZmS5EN2nQluo3U+LA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:19:29 GMT

GET
H2 200 iLg9Fs3tuzi.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yH/l/de_DE/ Frame 616C 59 KB
17 KB 28ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yH/l/de_DE/iLg9Fs3tuzi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

465c56187a03836cf6d6259aba8013a71c7aaf6a041d27d7d917cd4089d2fa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GAVtjyDzS+6pc+qFHz4xWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16978
x-fb-rlafr: 0
x-fb-debug: uu+HlvwF4V04SBPimdAxjZ7A+ySrTC7UoxQeiz5Kx7CINCCc8lh9H0QaprIEsF5pK+4L4aKVprkLCzemxhq1EQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 18:24:42 GMT

GET
H2 200 WFfLyNUeqOu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 616C 13 KB
5 KB 29ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/WFfLyNUeqOu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bb6ace1e4ccd1e39830827276afbd4e65b57815b2039e89772accc3e6450054

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oOPG1azT8t8QXZLDVp09Vg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4642
x-fb-rlafr: 0
x-fb-debug: Nqf3bLBwgk6M97KWREkQgxpP7e+Wwt5p6xSq27A5XbZsHx/l+Redw7ySxv76KYeUcIEpi1RSN+yRiLjkR67gFg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 05:12:14 GMT

GET
H2 200 gWJhn_1G1cu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 616C 13 KB
5 KB 39ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/gWJhn_1G1cu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6704266b2bfce04a8783cfcc06e1d2263474815e1763acca8551fa8fe3cfcc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jCmXrrKuuzUlfKUnE9JBcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4770
x-fb-rlafr: 0
x-fb-debug: DbN94e2ixC1MBNX0EkTNixMDolEqzuw8G+OVfXHxh3vCKZU7eM+gu5hyszw8urLffbQjg087vwmsFrMwdgHwdg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 04:02:27 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 616C 507 B
489 B 39ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: 5cRKbCHCOVe4S35kXGwCaz6924L+aXN74mW0XpqgwDqmrGH8HC+TWj3+PaiwHcclofsvLhL+sh+HkGCEPrzk3Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 19:28:04 GMT

GET
H2 200 X_XifH79S2J.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 616C 188 KB
54 KB 38ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/X_XifH79S2J.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a449f86065b1da3e0a491a2f28a1a5c3d1bdea4489719b15dbc285e86ea2452

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pDnt4Oq9YCtlw+cL2F/95w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 55520
x-fb-rlafr: 0
x-fb-debug: l8y+rXpUVleiRsDZJbWX7z5f6NjKysRI56PcOr6k5UxJOPwTTrMDv2KIpoTGWcHQRfV+zsvJxbyp0B6BaxYlVQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 02 Apr 2024 20:55:49 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 616C 5 KB
2 KB 50ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: natHaOmId9HgeTpZH7L65wf0rRhzCeWb9uU4cPxBuJEbl1pEv1bczPENHRgcDDezNuf/tBzvoJ+D/x4UkT2mKQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:36:52 GMT

GET
H2 200 1Ulfz6rnzSd.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 616C 16 KB
5 KB 39ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/1Ulfz6rnzSd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1fd422a1243bd2d255755467fc11f395000fbf42bcdc988ffa266437560094

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xfWMMaV5c0pvNJXy8MG8og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4534
x-fb-rlafr: 0
x-fb-debug: 2dl5kBMBBRq78MQwbeR58NcO2MuY8g7T3+bCcZpAtVgjx7k1IAcC613wL+nPoeeA+DyIyWrbDPkuYc7X7KDzEw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 31 Mar 2024 17:07:03 GMT

GET
H2 200 UIbhq_otiob.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/ Frame 616C 70 KB
21 KB 39ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a99644ac3b98f4a7d4a9e1eb1894af7ffe5883cad0ca2ec71fa9c3bd291b26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zU/kQ8XLBLL9qzneqAvI8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20995
x-fb-rlafr: 0
x-fb-debug: +I7bejc6M2D2XFn2uGQSrLr94Ugdvm6/s2oio9Zfi9uCTVcin5l9S2xGeyVX6JOGtPECnBM8CfL/d+Ch1HA3vw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:42:36 GMT

GET
H2 200 Wtl6tMxz2hH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 616C 27 KB
9 KB 42ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
x-fb-rlafr: 0
x-fb-debug: 1uXlWrfplN9Lj3K6bHfMJf22G1xYkhTaVWFGvxemQuo+2BGqvu4I+KmD9B3GdFtOuUkpWfS5beTX7GFe0Ppx6w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:05:56 GMT

GET
H2 200 LYXHqB_QgZG.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 616C 5 KB
2 KB 39ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/LYXHqB_QgZG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

395834ce888977fab5c27173baad78496ebbce8540bd07a4c781ef3a54c52271

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KPo6gCBqevepMF5DpTbSSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1658
x-fb-rlafr: 0
x-fb-debug: lCHCnwrQoEPE9BiBEPSw0dxb74pTkOipYwKNjsVIS8tORRocnrGOHqspNGcQQ2XIcTntsD/lElgE72pGAbMeCg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 31 Mar 2024 17:07:03 GMT

GET
H2 200 1_Vl38oy0lQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2dl4/y8/l/de_DE/ Frame 616C 328 KB
77 KB 49ms
32ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2dl4/y8/l/de_DE/1_Vl38oy0lQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea729704c1d680074fde37c8dc5ea5ded171cfe5ead33a7c59e4509ad64b726b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sKP0796/a8GBkOJNQpNeMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79031
x-fb-rlafr: 0
x-fb-debug: rSF+W2r6mI4ZqGJY991IfgGEyR0LfkG/ghWjqoLhPmW4tIJF/kNdnKtg2ty6prZxcDQTdfWc2JbhQeZG4FGGvQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 18:53:45 GMT

GET
H2 200 dKGK0McILid.js Show response
static.xx.fbcdn.net/rsrc.php/v3i6WS4/y7/l/de_DE/ Frame 616C 408 KB
96 KB 40ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i6WS4/y7/l/de_DE/dKGK0McILid.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ace598cef1d9acffd2c90a3b1ef06d74eeb14e8aab559ea69af6d6d7af5ad199

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SWzBh7tVpDmJ0q/IbpavwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98311
x-fb-rlafr: 0
x-fb-debug: 45RHiIxXaU6sbShDBPSsSw0R9ySKW8bn4OqcrqIIRztcS6WcOyRjLrP7EgiedjBIYHndi+t0M2aMrNg4fr5/bg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 22 Mar 2024 04:45:19 GMT

GET
H2 200 UN3_PbR-HJ4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 616C 21 KB
7 KB 40ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/UN3_PbR-HJ4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3uuABC/lnX9uyekO3Kn9bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7104
x-fb-rlafr: 0
x-fb-debug: 5/8Micko4ntgEGENfQInjza/7STbAVCQ9WyoFQKirObHC25nvic0kgUaOhoEsSVO7G07M9RoDrkiTh5rvPkFvA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:42:14 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 616C 2 KB
974 B 39ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: 5wbz6oWve9voULmPvgDWPWgryyrwOVg5UDNvjYj5cXJX/LO1Vo1m8R4fbFUTveBNEZjovgNfhnlgd4yb0Dr4kQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 24 Mar 2024 10:42:24 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 616C 55 KB
15 KB 39ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: yVyfpiSi8gVmowWJrIqRb4KqtwzU8F6SXnAtKy+XIOou43fHH6lJoCFHYmpOiQZWPb66SJ4zjINGdUabKhXSWg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 17:04:14 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 616C 16 KB
17 KB 24ms
9ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=3XBgGhv4hyoAX-1TMtm&_nc_ht=scontent-fra3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBPB-OKbs24c-CY059DOX-5RfozZ3QDD2nC3Fjr4q6qtQ&oe=64314005
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 1290236993
date: Wed, 05 Apr 2023 07:31:53 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 616C 1 KB
2 KB 8ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=GUpn1lBKHGIAX8w2mr3&_nc_ht=scontent-frt3-2.xx&edm=ADwHzz8EAAAA&oh=00_AfAGR5pdpO9tiYywnfe7EFNGYf9-ae4aX7qQ0tN5Wnz8VQ&oe=6431F9D5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Wed, 05 Apr 2023 07:31:53 GMT
x-fb-trip-id: 686109401
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E84E 55 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=x2n1mjr5x0fz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 20:07:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E84E 410 KB
164 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 21:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 21:08:32 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=400798822.1680679913&jid=41919983&_u=IADAAEAAAAAAACAAI~&z=298833548

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 45ms
20ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=400798822.1680679913&jid=41919983&_u=IADAAEAAAAAAACAAI~&z=298833548

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E84E 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 394001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E84E 15 KB
16 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 75648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E84E 15 KB
15 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 75651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E84E 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=x2n1mjr5x0fz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 07:31:53 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 616C 573 B
625 B 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: PdWxn4LDHT2+/IeL+C3AuHmyfTTDtNA3nsgyMTyzcwv9PGBEMC4pSWFn847CTKozF86vgsM1uEMnmqBDxlp0JA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Mar 2024 00:31:26 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 616C 98 KB
24 KB 276ms
276ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19452.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007248582&__s=%3A%3Aednvdc&__hsi=7218465262680157578&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__csr=&__comet_req=0&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

479448e7725806b27b5a3ed384da98482c1da3465d1979bdb81c69adaa4ddb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: PFc4YLCGI5YpO68ISZS0At
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 07:31:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: LF/YbTVJIexwwhrRiw73S2xZ3vxHlkvqmfPsszNrS0g628WbsSgIBnQ17UpB4gYFTHm2Gnxz1LrhRPqHKZWwyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 616C 907 B
1 KB 40ms
40ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4f98c649b23ea92015a5d93f2499a91585972463231bbed65eaa432716086f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: PFc4YLCGI5YpO68ISZS0At
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: rXFn/rixGPTd9LVWEGBJtLR6qr0wUvM935CmZGNDZD+AeMglhQJGEo5nrUEdcQ5PWV73kfwGvVOk9emMqst4cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 616C 907 B
568 B 32ms
32ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yg/l/de_DE/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e28a14804045f708324e50a61eafd1e6de85b8e0e2a2106c546f60388657ce08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: PFc4YLCGI5YpO68ISZS0At
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 07:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ROxqVNg1G39jFaw2stzydQD+ovp/439hlmUfm1dyv/7kNh9ZQiOqZQFyD4VQQm+AL21Em7ZxVmnAILW96JXjyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 616C 12 KB
12 KB 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: aXmOHFythbhMxFst+s46lamqpYp8BILzdyNRm8Imovy5S9KOqJAwqKPVmf+ef4LGW/q7yLQzavpTJNq6QH6FGA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Mar 2024 04:35:12 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 616C 1 KB
1 KB 8ms
8ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/oAvRVzS4StJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: dmQyAKJWecbFPpvYSD4B6t/GzmB3oaH2JbqTLPkaRr+FK1HfKQ3cJyljxlXO9dyF3A+cWXUZ4TNn1KPBfhkHbA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Mar 2024 05:25:46 GMT

GET
H2 200 FXcu1F4rkvQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 616C 344 KB
75 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/FXcu1F4rkvQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6105837ad333d7fc10554e0345322cf3048c5bf3434c049542ed22726a55ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7tYxwSs2B1uYDrDtdwZaDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76555
x-fb-rlafr: 0
x-fb-debug: 4/kTF+g6e8ZvTYqbadUXKn1e/M4DgAIw1xlUXjSvFqisAo20wgqQdjIhIEWpS0O0teY6UL21GVrn/O2seRKgxQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 03 Apr 2024 03:35:23 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 616C 840 B
549 B 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: 1eY2RD1DzwlPtRRyddURT8UIJx5xr2ceJefsZXQVWW3pJi9QlD5WT5mTfI8e7a8tyO6hC3RO6ZtFU1qhmj+Txg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 19:33:44 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 616C 198 B
254 B 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:53 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: bz+egIMo/9pvytUcQA/vKSCw3LbN0mF2EPHxl9q5GVapz+iRMIfORTHSIbsFURNp7xkOYqdBU0x76rxijn5cmg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 03:31:28 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5AA1 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e7d82b880e3757f72346f0922dffe9a481eeb222373b682e507ce17d208fa7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n2Q53P2RzMYmlLvZyxReZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1122
content-security-policy: script-src 'report-sample' 'nonce-n2Q53P2RzMYmlLvZyxReZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 5AA1 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 20:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 20:07:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 5AA1 410 KB
164 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 21:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167953
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 21:08:32 GMT

GET /
www.facebook.com/login/ Frame 616C 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 616C 0
0 91ms
88ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 05 Apr 2023 07:31:54 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: AL/cYRHFanRS34x/oNQ+JCO9cXa62oyssbRk2OJMyvHYfFTTSHtxW+KKlAuUulOHeL99oSua5mBWDz0KqFDH/w==
x-frame-options: DENY
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 5AA1 39 KB
24 KB 62ms
62ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14ef3b43995188b93e674bcc38243868e3515e285e5c6df129f1d84e50358752

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24491
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 07:31:54 GMT

GET
DATA 200
OK truncated
/ Frame 616C 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 UislPCXOWc0.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 616C 19 KB
5 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/UislPCXOWc0.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HlDm5uW9RcrMa0LFO+oNyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4558
x-fb-rlafr: 0
x-fb-debug: fI1YQKF6Wt8djnptzIl5ozKvuxcqU4LjKpC4Lvf2NeG4+HjWomkCcjQ0IhuUpjVW4NWP3CT+a004iVSR0c3O+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Sun, 24 Mar 2024 13:41:46 GMT

GET
H3 200 zTAcZgbV8nB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 616C 61 KB
16 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NST0JUomaRRhKDzRtqfVoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16144
x-fb-rlafr: 0
x-fb-debug: RXf/TzCB8XeB3D2q4DSL4KI+Dd3WH4e929Mm0184FVimMxyLUT1dd/v6t0tesSVX/ErId6NMAvQdl9GfdYRZuA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 23 Mar 2024 07:54:29 GMT

GET
H3 200 SV0HgmB8RsT.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/ Frame 616C 31 KB
9 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/ya/l/de_DE/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

362de89bbfb9611beef7c2c3ccdb317cc4af2bfa53228e816469c45a40547de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 46U2bWt8OWu+fQzp2QtHxw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9061
x-fb-rlafr: 0
x-fb-debug: ryXvbsE4OuGnM25hOKHJ+IITcVG+UZy0XBppWx68XDqj4bVQb+25kwJRlmGh6m4CEYh5bwEE/7FPWVi+JDOKSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 20:11:08 GMT

GET
H3 200 V8jK12UmQ6C.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 616C 3 KB
1 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G94KxmId/Gs6bmpfm04/RQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1248
x-fb-rlafr: 0
x-fb-debug: eIv81Xer7KnoYj05UXj8p/BWbiwnxWJn/Ofnw18kV/MgcKnpVs6GFzZYNm0JlkBC8AyAsaNm29zqHOo0s5rahg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:43:54 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 616C 25 KB
10 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/du3c8SH_B5Y.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: lLFy8LtOTRueTZFHhxwATsacfoWLY9Fadqd7Wh/7/MptYmkFVwwjo3JodyekQPwmGnSWAt0US0BmRQjf7POfLw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 18:44:05 GMT

GET 305964663_450890893727816_1742559653774706626_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/ Frame 616C 0
0

GET 7931410051516434586
external-fra5-1.xx.fbcdn.net/emg1/v/t13/ Frame 616C 0
0

GET 14069597498329024862
external-fra5-1.xx.fbcdn.net/emg1/v/t13/ Frame 616C 0
0

GET 18029814871319172731
external-fra5-1.xx.fbcdn.net/emg1/v/t13/ Frame 616C 0
0

GET 287068195877952849
external-fra5-1.xx.fbcdn.net/emg1/v/t13/ Frame 616C 0
0

GET 16052937817076775126
external-fra5-1.xx.fbcdn.net/emg1/v/t13/ Frame 616C 0
0

GET re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 616C 0
0

GET MKQzjVd1bVq.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 616C 0
0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA1 600 B
624 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 394002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA1 530 B
554 B 8ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 394002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA1 665 B
689 B 10ms
9ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 394002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AA1 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 75649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AA1 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:32:23 GMT
x-content-type-options: nosniff
age: 75571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:32:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AA1 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 75652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 5AA1 32 KB
32 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AKH6MRG0gucwm7xjPsAJCihdQLc7kofJiiB2Pvufa-H84bkiPEKUh5k1H94Re2dNKiJ6XnREzIPJwYF9DsQppw1HdgaSxI4COLUZMTiCnPf56xjWf785tpHcURA_NkTMxmQsIjjvJYYwTKFk553orslFFOj_F0GEfxB2ypQk7R4sjZ7RNszZ2iBKE1jwhItQ5x--J4NUUGwRYXxKsTwaLSnfom7Sxfy_-HgvmbtM7_974FtzwKYJjbU&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a11175b9e2a9c453a98d1036263cc1281b5605897e06bb011cc750e7bad3a73

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32485
x-xss-protection: 1; mode=block
expires: Wed, 05 Apr 2023 07:31:54 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 49BD 7 KB
8 KB 330ms
330ms Document
text/html 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
content-length: 7381
content-type: text/html
date: Wed, 05 Apr 2023 07:31:54 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Sat, 01 Apr 2023 10:12:30 GMT
server: AmazonS3
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
x-amz-cf-id: 2J-nY40prgcOB0-SGOIjxz8P8WCXHAdw3R-0u7US-4Ra1tPnH7WmtQ==
x-amz-cf-pop: MCT50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: WHGwAu4MTkRcpREkx5kaF0QAk78.5N_n
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 313ms
313ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 6iQj84llV3rR.0yuaGW5MD4xROopc9DP
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:10 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 10
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: qIbdkNRVIVuQDNw2XbYI4sd9u45I-x8AE0E3P9PWruAuytAbu5-Bxw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 8F2E 15 KB
16 KB 400ms
399ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MFy6Upfl.bsHPMU2T6iRBl4ip_AjYZqV
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:19 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 30
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: DDXL1AICaFioIY5uTDx96BQFtsUp2-UR7qbGfb1GMyNZpIVg5YdLgQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame E108 15 KB
16 KB 393ms
393ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MFy6Upfl.bsHPMU2T6iRBl4ip_AjYZqV
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:19 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 30
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: vikHsZZWOlQNmJO-CIAOOqk0124f2GM5h10XWdRxuKQ9R8zsjld9bA==

GET
H2 200 1680604978-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2023/04/ 115 KB
116 KB 1051ms
16ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/04/1680604978-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 638ccc49b336e2a78cfc6494f039ecc1a87e93bf500909d44ea7d9ed7ad08bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72929
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117818
last-modified: Tue, 04 Apr 2023 10:42:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2lZxHFjfqh2%2B3Xi50lWwORt2LYCBL0CT7n1Xt6B%2F3N0ungjbs7CI7Bs8IiFy%2F%2FnxCoLWVSlO4KsYrdf3u9Da3kOffFNcX81LeKAPT1C0%2BmzCVcLw1yJDuAGApK9xAmscED9AnJT03qDRnQgF9kr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b30181f3f6b924a-FRA
expires: Tue, 11 Apr 2023 10:43:10 GMT

GET
H2 200 %E5%85%A8%E6%94%AF%E4%BB%98%E4%BB%8B%E7%B4%B9%E8%88%87%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/08/ 72 KB
73 KB 786ms
276ms Image
image/webp 192.0.78.135
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2022/08/%E5%85%A8%E6%94%AF%E4%BB%98%E4%BB%8B%E7%B4%B9%E8%88%87%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a61cb8086f55d84a3ff8b152c11c8a21df98355e6e4e6bd89807fa32f6060ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.ams _atomic_ams BYPASS
content-length: 73974
x-nc: HIT bur 5
last-modified: Thu, 25 Aug 2022 07:33:56 GMT
server: nginx
etag: "a9f755ccfaa884ce"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sat, 24 Aug 2024 19:33:56 GMT

GET
H2 200 2023040307395458.jpg
img.racingcharger.tw/wp-content/uploads/ 404 KB
405 KB 457ms
23ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023040307395458.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0983e9853697bf4429ffafa69435006bac11a895b7823be4fd6caae32d677e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Apr 2023 07:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1635
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEmyyes%2FYBpfV4C1kYpBNWdBhXghwgv1EaPOyDc7MLTEjEY5sBQTmO8Vz0YqHOoxIskvKg41HB51pwV%2BeaIpaaQvMuy6U71RvFx3Izbzz9Ds2UAi1e5Ge9nRd71NTp6Gmx%2B4jo%2B6JE1jNZCKuXnUA2GZpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7b30181b78ebbb3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 414017

GET
H2 200 image_5022994_30101958.jpg
mma.prnasia.com/media2/2044404/ 57 KB
58 KB 45ms
18ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2044404/image_5022994_30101958.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14976c8ca12c8bd4c33d6aba0d8ff811c0fe350abaa4d94d72f241ff22fca3bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
cf-cache-status: HIT
age: 86165
x-powered-by: ASP.NET
server-timing: intid;desc=c9820aec2312d209
content-length: 58439
cf-bgj: h2pri
last-modified: Tue, 04 Apr 2023 07:35:49 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1
accept-ranges: bytes
cf-ray: 7b301818e8409100-FRA
access-control-allow-headers: Content-Type
expires: Tue, 04 Apr 2023 07:35:50 GMT

GET
H2 200 %E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2023/03/ 41 KB
41 KB 52ms
11ms Image
image/jpeg 34.149.36.179
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/03/%E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.36.179 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 179.36.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Wed, 05 Apr 2023 07:31:54 GMT
expires: Tue, 02 Apr 2024 09:38:13 GMT
last-modified: Wed, 22 Mar 2023 14:17:42 GMT
server: nginx
etag: "641b0e06-a41c"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 42012
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 194 KB
195 KB 40ms
8ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:42:40 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 1986554
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199163
wix-tracer: 2MwzJWHj6gE31EYKczpmtOeJxIS
x-seen-by: image-manipulator-5fdcdfd696-fc7ms

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 1451ms
469ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 487 KB
488 KB 47ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Wed, 05 Apr 2023 07:31:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 09:14:42 GMT
server: nginx
etag: "fe5977c481a7ff08"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 498450
expires: Wed, 08 Jan 2025 21:14:42 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
401 B 281ms
281ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6ae217f7992ca44c6420e240cb46727f6a189ac102eef6b6d94d52e28fab6139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 9F7E 0
218 B 803ms
246ms Document
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:31:55 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame DC81 332 B
417 B 6142ms
6110ms Document
text/html 34.95.67.231

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:32:00 GMT
referrer-policy: no-referrer

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 49BD 5 KB
3 KB 277ms
275ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:54 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 49BD
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
512 B

119ms
119ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 49BD 0
217 B 803ms
247ms Image
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 278ms
278ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=7e184910-e6d2-42d5-af0f-b286aa42108b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 8F2E 536 B
623 B 519ms
458ms Script
text/html 2600:9000:2250:1000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
content-encoding: gzip
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: eWJV4ih0dAAH2aqKGGocG9l-13ldjOmEeeNucIKn_I6UQJuukmGpdA==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame E108 606 B
640 B 236ms
236ms Script
text/html 2600:9000:2250:1000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:54 GMT
content-encoding: gzip
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: YvXIULixiIh1V6EFz9riu7cr1l5YTCmxm7doNDbmVZbUUOB3r3odKA==

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 281ms
280ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=7e184910-e6d2-42d5-af0f-b286aa42108b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/ 0
79 B 567ms
277ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/pixel?bd=7e184910-e6d2-42d5-af0f-b286aa42108b&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 49BD 36 B
407 B 278ms
278ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c5adcb9b89d01887d9c89f5f6b6ce9463732a74b4e39e84eed3ead802009a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame E108 2 KB
1000 B 869ms
333ms Script
text/html 3.114.128.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=361&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.128.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-128-184.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 828fcedb9def4ac9f1481a4df43378a24d01d2080ca976c14eef797906bbdbbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame E108 3 KB
3 KB 316ms
314ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: WRBr_dYokX.Byxa4FpQXJbQ0mZmVrYNl
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:31 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 43
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: eKaBiO8RmHZ-4QWRp9wq4VfwCy92seE6YsOUjAm89pc8_a58D_himA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame E108 3 KB
3 KB 319ms
318ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: T9EtLsRBtntiNVebkSkqNjBOT2xj2KFV
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:25 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 16
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: Xed6zUiUu5dZTjDXpOBUf1GSlytbIP2hozwHxdlqXI80aLW7W9sq3Q==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 8F2E 2 KB
985 B 619ms
264ms Script
text/html 3.114.128.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=350&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.128.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-128-184.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eb32dfcb968c26d30aa8af0a6c66b004c617d2f4832449013c80752eaab0b366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 8F2E 3 KB
3 KB 193ms
192ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: WRBr_dYokX.Byxa4FpQXJbQ0mZmVrYNl
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:31 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 43
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 9rCyZaSeLTXJWCa-2DedErme9JIoz0RNdMuGPmG8UNfDtiA19Pbf1A==

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E108 5 KB
3 KB 277ms
276ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:55 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame E108 0
170 B 512ms
166ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E108
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

2 B
168 B

302ms
300ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:56 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 05 Apr 2023 07:31:56 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8F2E 0
171 B 455ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:55 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8F2E 5 KB
3 KB 276ms
276ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:55 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame E108 36 B
400 B 279ms
278ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c5adcb9b89d01887d9c89f5f6b6ce9463732a74b4e39e84eed3ead802009a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:55 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 8F2E 10 KB
11 KB 372ms
372ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=350&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: STlwqKMa5Lkf38j3kiINzPUJUiNubaIp
date: Wed, 05 Apr 2023 07:31:56 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:59 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 9
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 2RDNxd1qpVN6UoZBnif6lGtoKGaEYLI5YrKXZKipviKTWeEKncQxjg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame E108 10 KB
11 KB 308ms
307ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=361&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: STlwqKMa5Lkf38j3kiINzPUJUiNubaIp
date: Wed, 05 Apr 2023 07:31:56 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:59 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 9
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: bAGLnpYSjy2C-KHN6PoeuSyvwiUw4DPBoEYW6f6arGxDxWr2fTOzRg==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame D94A 17 KB
17 KB 206ms
205ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: YZMOA73VlZIg6eVWuW5Xyfagq.s2oEDa
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:20 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 35
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: pgr2go0jqb8LPxANBToBeioFQ0mitF0juxVaDYle1-B9Ap9Erg6Vqg==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 5054 17 KB
17 KB 215ms
215ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: YZMOA73VlZIg6eVWuW5Xyfagq.s2oEDa
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:20 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 35
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: Z0UCsXS4gbTDzgt5NOjB-Ub4QH6erXNndpifURWY1rWuNlbtuFOKJw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 4F92 7 KB
8 KB 201ms
196ms Document
text/html 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8
content-length: 7381
content-type: text/html
date: Wed, 05 Apr 2023 07:31:54 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Sat, 01 Apr 2023 10:12:30 GMT
server: AmazonS3
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
x-amz-cf-id: oBul3M4wPaY2KqSTUaPrFCSBphtMqMsq3pexSk0N0r7Rz1p43cTDhA==
x-amz-cf-pop: MCT50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: WHGwAu4MTkRcpREkx5kaF0QAk78.5N_n
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame D94A 662 B
1 KB 190ms
189ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 6iQj84llV3rR.0yuaGW5MD4xROopc9DP
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:10 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 13
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: _LcDbmXCbt5Qy0XznjAHgyz0FG7RpushJU3qz4MfT1t9Xff85jQE3Q==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame A4A3 15 KB
16 KB 204ms
203ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MFy6Upfl.bsHPMU2T6iRBl4ip_AjYZqV
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:19 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: KsJrul4gCKa2mni6DPQ6Mlw8Omz59-T6oxS0yPN-jl-AjeNaeJ0o2Q==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame D14A 7 KB
8 KB 205ms
204ms Document
text/html 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8
content-length: 7381
content-type: text/html
date: Wed, 05 Apr 2023 07:31:54 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Sat, 01 Apr 2023 10:12:30 GMT
server: AmazonS3
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
x-amz-cf-id: 8_fl0B2yeA58929aI0E9xIy0LWig-34mcCFGUkIojvaUPp9_qNDIhw==
x-amz-cf-pop: MCT50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: WHGwAu4MTkRcpREkx5kaF0QAk78.5N_n
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 5054 662 B
1 KB 198ms
196ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 6iQj84llV3rR.0yuaGW5MD4xROopc9DP
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:10 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 13
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 32QBM0T2ehyJJor4kzBzT5yIZDfmZCJVCk3EWObjxsfDbUuzL1-jiQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 15 KB
16 KB 212ms
212ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: MFy6Upfl.bsHPMU2T6iRBl4ip_AjYZqV
date: Wed, 05 Apr 2023 07:31:54 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:19 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: S6qi03f7piT2IhyoaAaYbCk_cJO7uxwowT8bXoe-NZj6oUNCs0_T5w==

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 1DA9 0
217 B 249ms
248ms Document
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:31:57 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 65E8 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4F92 5 KB
3 KB 276ms
276ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:57 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 4F92 0
217 B 250ms
249ms Image
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame 4F92 0
15 B 1038ms
1037ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 4F92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEByfgVVO6r1hicxfvJQalns&google_cver=1

0
140 B

1052ms
1029ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEByfgVVO6r1hicxfvJQalns&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
x-guploader-uploadid: ADPycdsspYffU5JC4nv4un4cvfPJdkSUUV_ksQVWAx6kWGg-XtZ9gQZCcZAdlGdyPCo11NbQRXtVj3-ZUwNHfq1S7vJHqA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 05 Apr 2023 08:31:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEByfgVVO6r1hicxfvJQalns&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame A4A3 1 KB
740 B 462ms
461ms Script
text/html 2600:9000:2250:1000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: X1J3M8Np5ddXZqPL3ZeUdxyUBa7v6J0_k1EXG8299qeKbJ8874ad-w==

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame D14A 0
217 B 249ms
248ms Image
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame D14A 0
15 B 1039ms
1039ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame C104 0
217 B 248ms
248ms Document
text/html 54.65.46.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.46.111 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-46-111.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:31:57 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 059D 95 B
333 B 3110ms
3109ms Document
text/html 34.95.67.231

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 -, , ASN (),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 07:32:00 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D14A 5 KB
3 KB 276ms
275ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:57 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame D14A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEBRLkKs8jTC8yQvCXygB1-E&google_cver=1

0
475 B

1044ms
1028ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEBRLkKs8jTC8yQvCXygB1-E&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
x-guploader-uploadid: ADPycdu0qzNrqoJAtzVoOgO_PTBWEPgIqvehDEod3y-ZlTEnFBsf64fXlKhbFFfovOYQBxsZ6hUTKYDAUUTAcxrg-kkweg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Wed, 05 Apr 2023 08:31:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&uu_m=undefined&google_gid=CAESEBRLkKs8jTC8yQvCXygB1-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 8FA3 1 KB
745 B 235ms
235ms Script
text/html 2600:9000:2250:1000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: Cp_g9NrAEdskfGeTGKQMnWb9hQ0W_1QlquXdCNuS8Adr8kflDsjK_g==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4F92 36 B
407 B 279ms
279ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c5adcb9b89d01887d9c89f5f6b6ce9463732a74b4e39e84eed3ead802009a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 8FA3 2 KB
1 KB 274ms
271ms Script
text/html 3.114.128.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=642&o=1&fc=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&d=1&b=2&ts=1&ii=2&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.128.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-128-184.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2778e8f426015e29c9a33c392e596ee8aa4caec40d5e22ec40b408ee0b0ef4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 3 KB
3 KB 194ms
191ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: WRBr_dYokX.Byxa4FpQXJbQ0mZmVrYNl
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:31 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 45
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: h19tDLYXOIvm26GBN0THnfI-6I8KuxFKcOrGG2mbG5EW3r51UprB6Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 8FA3 121 KB
40 KB 51ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Apr 2023 07:31:57 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 2 KB
3 KB 323ms
321ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: P1E8iBxNGS7mjMEhVDALdPZvrQlcc87G
date: Wed, 05 Apr 2023 07:31:57 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:52 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 18
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 9sBcf27N_v17aBgNXpdpKM2nBY-36Bc7hARtTAsXt8AucYmwVTXXZA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 4 KB
5 KB 318ms
317ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: lWrD6wc3SiXg5HwRRoSNw0qzvPqUXfel
date: Wed, 05 Apr 2023 07:31:57 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:28 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 44
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 9kJAUh5BVcpf5frzRhNyKdgLp8L7jGIzitoXCamO4XDkjEw8TrW5ZQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 3 KB
3 KB 198ms
196ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: T9EtLsRBtntiNVebkSkqNjBOT2xj2KFV
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:25 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 18
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: DSSA5tGok7qKNWnlBnRKruw7n_KHI1Fs4IEKGi1l0xALOmEZFwqG1Q==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 6 KB
7 KB 1231ms
1230ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: o78TaWNEa4v8vbK9dzm3g9iBvzqJaicY
date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:14 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: r12dDVsbpyome_cv812qgKy4OndHKkMG8BozSl4pNXByVlBL6rif6Q==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame D14A 36 B
407 B 278ms
277ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c5adcb9b89d01887d9c89f5f6b6ce9463732a74b4e39e84eed3ead802009a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame A4A3 2 KB
1 KB 278ms
270ms Script
text/html 3.114.128.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=92&o=1&fc=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&d=1&b=2&ts=1&ii=2&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.128.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-128-184.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 82a384f2d6e44c37988383d6a50c45f6e5f54fffe963cc8a4081ba438e93c3a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame A4A3 3 KB
3 KB 201ms
189ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: WRBr_dYokX.Byxa4FpQXJbQ0mZmVrYNl
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:31 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 45
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: S1O-t4V2FlgtTkj-QvfrGb6t-nYX-GuVN0xOmElxY5HOUvIZNrlXdw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame A4A3 121 KB
40 KB 29ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Apr 2023 07:31:57 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame A4A3 2 KB
3 KB 206ms
196ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: P1E8iBxNGS7mjMEhVDALdPZvrQlcc87G
date: Wed, 05 Apr 2023 07:31:57 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:52 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 18
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: jCanpQGwWK3uVNLwJyu5HeIGKQnFwjs0qS7YHTjykhcOZdu0B0I1vg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame A4A3 4 KB
5 KB 205ms
196ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: lWrD6wc3SiXg5HwRRoSNw0qzvPqUXfel
date: Wed, 05 Apr 2023 07:31:57 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:28 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 44
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: MjLeROkyG8Ct_wvUIAwL6Or3wKDGM7iBgseEVwB5LOEb_HlTCDNqbQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame A4A3 3 KB
3 KB 200ms
192ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: T9EtLsRBtntiNVebkSkqNjBOT2xj2KFV
date: Wed, 05 Apr 2023 07:31:55 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:25 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 18
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: CNe2bNXG1Gajd7l7RaH3KSNasEwoU-noM3PTy3ZMdhSu3EhRNWPN0g==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame A4A3 6 KB
7 KB 1028ms
1021ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: o78TaWNEa4v8vbK9dzm3g9iBvzqJaicY
date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:12:14 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: 9lMlulRoBWkWSaud0H915vXCnYcF5plHZD3lwKdsUHHl3dUbfrWI7A==

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8FA3 5 KB
3 KB 278ms
275ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:57 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8FA3 0
170 B 165ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 8FA3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

2 B
20 B

306ms
305ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 05 Apr 2023 07:31:58 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 8FA3 10 KB
11 KB 198ms
197ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=642&o=1&fc=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&d=1&b=2&ts=1&ii=2&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: STlwqKMa5Lkf38j3kiINzPUJUiNubaIp
date: Wed, 05 Apr 2023 07:31:56 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:59 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 10
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: y3MnKkUPDtoKqMEaK0NqvQeGFLpggSyaJGifwsKxuXiV2FLQrPNB8w==

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 8FA3 2 KB
2 KB 888ms
293ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5279792868491224
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1a150009598468073b136fa532fa59205d7a18b79c20e777e534e46165193dbf

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1504

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8FA3 142 B
402 B 189ms
44ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=40824943177

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dfd5831029e8ce345c31145770e98fd8fed9b4d4fa0d2ad70adc77c5942b70ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 140

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A4A3 5 KB
3 KB 277ms
276ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 05 Apr 2023 07:41:58 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A4A3 0
170 B 164ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 05 Apr 2023 07:31:58 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A4A3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

2 B
20 B

301ms
300ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 05 Apr 2023 07:31:58 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A4A3 2 KB
1 KB 795ms
294ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7794118068807756
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b93562203caabcae655710b1c3675ea904561c704ba66b73356ca7d38c2ddca0

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1476

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A4A3 142 B
404 B 71ms
16ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=66902132802

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6855a94cf8a240cdc15f85e4b931d3c41abae30065ffb8425d5ec039d97a75bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 141

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame A4A3 10 KB
11 KB 197ms
196ms Script
application/javascript 2600:9000:2396:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=92&o=1&fc=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&d=1&b=2&ts=1&ii=2&FPCK=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: STlwqKMa5Lkf38j3kiINzPUJUiNubaIp
date: Wed, 05 Apr 2023 07:31:56 GMT
via: 1.1 eec9dad5f79bac9fc198569234c0bd8e.cloudfront.net (CloudFront)
last-modified: Sat, 01 Apr 2023 10:11:59 GMT
server: AmazonS3
x-amz-cf-pop: MCT50-P1
age: 11
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Il26Xn7dhEwv06wM4LUm-mHnPMNoNZmX2bMkizwpql7GUGWxl6XuJA==

POST
H2 204 events
bidder.criteo.com/csm/ Frame A4A3 0
209 B 12ms
12ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 4F92 0
194 B 281ms
280ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&mp=7e184910-e6d2-42d5-af0f-b286aa42108b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/ Frame 4F92 0
79 B 275ms
275ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/pixel?bd=7e184910-e6d2-42d5-af0f-b286aa42108b&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

POST
H2 204 events
bidder.criteo.com/csm/ Frame 8FA3 0
209 B 12ms
12ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 05 Apr 2023 07:31:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixel
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/ Frame D14A 0
79 B 275ms
275ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/pixel?bd=7e184910-e6d2-42d5-af0f-b286aa42108b&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame D14A 0
194 B 279ms
278ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO&mp=7e184910-e6d2-42d5-af0f-b286aa42108b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3430&_p=724618695&cid=400798822.1680679913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680679913&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A2B1 77 KB
26 KB 81ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a921249405e6a7a59db559662834239567b64a6356f88aff8c02a4949ff0080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25643
x-xss-protection: 0
server: cafe
etag: 645 / 19452 / m202303300101 / config-hash: 5441539219167528270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:58 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ Frame A2B1 397 KB
123 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5182
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Apr 2024 06:05:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame A2B1 142 B
113 B 59ms
42ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88
x-xss-protection: 0
expires: Wed, 05 Apr 2023 07:31:58 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame A4A3 0
187 B 285ms
284ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op&mp=7e184910-e6d2-42d5-af0f-b286aa42108b

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/ Frame A4A3 0
79 B 278ms
278ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net/pixel?bd=7e184910-e6d2-42d5-af0f-b286aa42108b&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 8FA3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

2 B
20 B

291ms
289ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 05 Apr 2023 07:31:59 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A2B1 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A2B1 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A2B1 18 KB
8 KB 377ms
376ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2678979676560860&correlator=2047107162234779&eid=31072020%2C31073289&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13861&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4072839793&sfv=1-0-40&sc=1&cookie=ID%3D8e44ecffb396e6a8-22ab1c067fdd003c%3AT%3D1680679913%3ART%3D1680679913%3AS%3DALNI_MZJUk-IBrDsXVNGQT5GzGjIv1CWag&gpic=UID%3D00000bd0c0ed12c2%3AT%3D1680679913%3ART%3D1680679913%3AS%3DALNI_MaOnsQf_PCZHTKcscxw3C05bbXbXQ&abxe=1&dt=1680679918872&lmt=1680679918&dlt=1680679918640&idt=173&adxs=935&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=rvlxn3ydqsez&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ref=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&top=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=400798822.1680679913&ga_sid=1680679919&ga_hid=873505810&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0eb71eb9e59fcfd95ac487432f156896c46c9e1e1c2e7d09c053e5d76acad09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8333
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A2B1 15 KB
11 KB 61ms
60ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c257462dff7f2814faed1219b90b0f9aea60e2f6c0694c514a1a65891c28913e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H2 200 container.html Show response
5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98B9 6 KB
3 KB 73ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:58 GMT
expires: Thu, 04 Apr 2024 07:31:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CA6E 77 KB
25 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961e7fc98e9ef9afdf6f8b408627056f3402c1866499668ed6c99beb58c3aa35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25642
x-xss-protection: 0
server: cafe
etag: 168 / 19452 / m202303300101 / config-hash: 5441539219167528270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:58 GMT

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A4A3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA

2 B
20 B

299ms
299ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 05 Apr 2023 07:31:59 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=mY4trBDFDMKbaeAS7CMtZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A2B1 17 KB
7 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 07:31:58 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ Frame CA6E 397 KB
123 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5183
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 04 Apr 2024 06:05:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame CA6E 142 B
113 B 41ms
40ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88
x-xss-protection: 0
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3597 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 06:08:23 GMT
expires: Thu, 04 Apr 2024 06:08:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A1E 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b6fa5681244521cbfc6805dd31d6089a34ba51f94e6d9d30c8e412d21484453

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iAHujaN9WRKMc7JcYeyyZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iAHujaN9WRKMc7JcYeyyZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
expires: Wed, 05 Apr 2023 07:31:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3597 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:16:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CA6E 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CA6E 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CA6E 17 KB
8 KB 230ms
230ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2862631850982870&correlator=3677798497707462&eid=31072019%2C31072029%2C31073288%2C44785729&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13859&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4136938775&sfv=1-0-40&sc=1&cookie=ID%3D8e44ecffb396e6a8-22ab1c067fdd003c%3AT%3D1680679913%3ART%3D1680679913%3AS%3DALNI_MZJUk-IBrDsXVNGQT5GzGjIv1CWag&gpic=UID%3D00000bd0c0ed12c2%3AT%3D1680679913%3ART%3D1680679913%3AS%3DALNI_MaOnsQf_PCZHTKcscxw3C05bbXbXQ&abxe=1&dt=1680679919051&lmt=1680679919&dlt=1680679918886&idt=148&adxs=365&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=1iwwuuytpmkb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ref=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&top=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=400798822.1680679913&ga_sid=1680679919&ga_hid=1046837452&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

527c9d0004f0f6289d266e922af91ada1b9f29baaa5c5b7a7bb82e90d647a4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8119
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA6E 15 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fd76c6002ab7e166ca87ee7accc673356d1ab6398d641ce792cd20e04b4f2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11274
x-xss-protection: 0

GET
H2 200 container.html Show response
d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D433 6 KB
3 KB 34ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
expires: Thu, 04 Apr 2024 07:31:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A1E 0
0 42ms
42ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=2678979676560860&rc=05AHugmmeEUcNny2ggxhwd2FKWZMsr2VlxTfMlTwOak-OCw2eSqLnjcfhatWrDXJOAiBNUBFJMj69q5-Gt3W-LmFyqdC5ZRAdUbDlCSsRmijmT-UAz0O9-WezchL-DyYBhY48JIs1gq7tbMA5l00H6oZyGeLuFe3yfJDGTWMVTBhIqGF0bZ5KENByVXA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA6E 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AA9 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 06:08:23 GMT
expires: Thu, 04 Apr 2024 06:08:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B58 783 B
536 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3eb5dcd02d1ad69cb16154916a015071b1aa561fa96adc10eddcdac8329cbe17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VCERBEtVPrwHJPP37zCyCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-VCERBEtVPrwHJPP37zCyCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
expires: Wed, 05 Apr 2023 07:31:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3597 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d962pA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9C8 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:58 GMT
expires: Thu, 04 Apr 2024 07:31:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2320 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
expires: Thu, 04 Apr 2024 07:31:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4AB0 624 B
242 B 48ms
46ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTGCRGiy3535Litn_MEQgt8jHVogEyZPqSaGs8BCZITaowc5tY4WTpRe2mrAb4QfTSF-bwJie-2-FN-f5SIv-SPZXAtZ3eYE6hW2mxFvkY_rPWFt_7hlmtjrwiUHxdyuFDWmxFunsj5LC9qBWDD1JJ24xXQwxbJV0UT2n9GOVD4twREsM

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C9C8 78 KB
27 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C8 42 B
63 B 44ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQCfIHL1KgBuM-7A8ZJXTA6rkMZJmJRzyHY0z9PIf02kT1p1u6CeHPe3ILA7dYz8WzYJSeSDaNacVAjfyOX9A_eCs_kv62XC-6XbIkMAsVDu6afdA

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C8 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14982880467506176555&x=1&ct=76

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C9C8 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 06:04:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C9C8 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C9C8 0
0 15ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4GAQE8fWqjmuxXMRWLSJH5Npkbip97hU11QQQZ4pc6JCugLevA8UI8Ni4i0PztTnyirQO5AUrcaWeu8eG_BlifUTg_g
Requested by: Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9C8 158 KB
49 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F2BC 640 B
262 B 52ms
47ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 07:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2320 78 KB
27 KB 198ms
197ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2320 42 B
63 B 44ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrfODTP3qATMoWHFSeWhiGNVPkir5SNbBmg147dvJeBZ1EPYpsuagtJrFl_HdmSnPr_qBhkKNXam60jphqm8bnQQiQMYi0q1JtzsRacTYn3Gv1t7k

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2320 0
20 B 45ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9129461177390333830&x=1&ct=76

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame 2320 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 06:04:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Apr 2023 06:04:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame 2320 20 KB
8 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2320 0
0 18ms
14ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_6NPWNaclrR15ax55AjUrWzEzdvcabHIrL9nid6e2RcfwiuX72laUrinYPtbcWlnUd0lkkJugcT5Khou-yAHgicpEwA
Requested by: Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2320 158 KB
49 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B58 0
0 43ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=2862631850982870&rc=05AHugmmeEUcNny2ggxhwd2FKWZMsr2VlxTfMlTwOak-OCw2eSqLnjcfhatWrDXJOAiBNUBFJMj69q5-Gt3W-LmFyqdC5ZRAdUbDlCSsRmijmT-UAz0O9-WezchL-DyYBhY48JIs1gq7tbMA5l00H6oZyGeLuFe3yfJDGTWMVTBhIqGF0bZ5KENByVXA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AA9 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:16:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4AB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1&C=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTGCRGiy3535Litn_MEQgt8jHVogEyZPqSaGs8BCZITaowc5tY4WTpRe2mrAb4QfTSF-bwJie-2-FN-f5SIv-SPZXAtZ3eYE6hW2mxFvkY_rPWFt_7hlmtjrwiUHxdyuFDWmxFunsj5LC9qBWDD1JJ24xXQwxbJV0UT2n9GOVD4twREsM
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4AB0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZC0j70GsDFZdmeu4QnucIQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1

43 B
632 B

13ms
13ms

Image
image/gif

185.80.39.216

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTGCRGiy3535Litn_MEQgt8jHVogEyZPqSaGs8BCZITaowc5tY4WTpRe2mrAb4QfTSF-bwJie-2-FN-f5SIv-SPZXAtZ3eYE6hW2mxFvkY_rPWFt_7hlmtjrwiUHxdyuFDWmxFunsj5LC9qBWDD1JJ24xXQwxbJV0UT2n9GOVD4twREsM
Protocol: HTTP/1.1
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHj9tW0W0ZHkWWd9l8qfHb8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 4AB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEV9kghjPwLdHH8NDc4RaaA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEV9kghjPwLdHH8NDc4RaaA%26google_cver%3D1

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.210.101

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEV9kghjPwLdHH8NDc4RaaA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTGCRGiy3535Litn_MEQgt8jHVogEyZPqSaGs8BCZITaowc5tY4WTpRe2mrAb4QfTSF-bwJie-2-FN-f5SIv-SPZXAtZ3eYE6hW2mxFvkY_rPWFt_7hlmtjrwiUHxdyuFDWmxFunsj5LC9qBWDD1JJ24xXQwxbJV0UT2n9GOVD4twREsM

Protocol

HTTP/1.1

Server

185.89.210.101 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
AN-X-Request-Uuid: 606383f1-b87e-4d37-a2ca-87fee203c63d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
AN-X-Request-Uuid: 9f128bff-ef7e-4c64-938c-cb2cdade85bb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEV9kghjPwLdHH8NDc4RaaA%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AB0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0NzgwMDc3OTIyMTg1NDkwNw%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0NzgwMDc3OTIyMTg1NDkwNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 05 Apr 2023 07:31:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.68; 217.64.151.68; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 94a29556-204a-4873-bdae-254ef934eb25
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY0NzgwMDc3OTIyMTg1NDkwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F2BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMyfeqUrXguRUnsTrjI9p4M&google_cver=1

43 B
273 B

19ms
15ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMyfeqUrXguRUnsTrjI9p4M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMyfeqUrXguRUnsTrjI9p4M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F2BC 43 B
145 B 39ms
16ms Image
image/gif 35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F2BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEBqJUvO-oIrjVX3eUfltC1k&google_cver=1

23 B
172 B

131ms
106ms

Image
image/gif

2.23.197.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEBqJUvO-oIrjVX3eUfltC1k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ
Protocol: H2
Server: 2.23.197.36 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 07:31:59 GMT
pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEBqJUvO-oIrjVX3eUfltC1k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F2BC 23 B
172 B 109ms
66ms Image
image/gif 2.23.197.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi5977cATAB&v=APEucNUTsieODEU5yM3pQx_70r5R3GV7cDgF1krkqwFsrX9MwiJb7tZogsr4SKUHFprSleojm630zO9mWRBTec-umpV0-8NKOT7uartyHb7uQ-fISWp-G6-A3i0GoaTrO46PFAL1fzUpcAymJu-DPVDnLMz4QTGWO2RrGXcsvH8bk9J6jDlAFYQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.36 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 07:31:59 GMT
pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7AA9 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8WBm1g
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C8 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8174960948555&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C8 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8174960948555&version=m202301230201&ct=76&x=1&cor=14982880467506176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C9C8 70 KB
34 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Br9RZCGGkiV_eRPhBNUSo0DPHPvtPWEt-yhg7OEMi5j67Y1XC635nPrbHHYXnU43EdJWWzgykb0piEgmtjxlZeio0wDQ&cry=1&dbm_d=AKAmf-DreJ6H9MWk7q7wOVire61qdoRKVRfRyJLG-JDyoRgLTjEzKU61IT17E0o63awUU_pRcQkwkafwKGK45usgmzJy6aZDKNJycCU4bXcoY_lGHRjcisoEzUxdxHDURkKtooz0-FN4XFnitoSX3o8_l7eQTtcgEfuTYRfAW_38uXSGShsoQUlopFoP_IAbZqnc4Y-Mb1NukTS_QQR5mNQNgKbFOwEhf5efyMulMw4DDFaxrRvfGsyJGg6nMPeoKuf4w6X6ZC6XXDGkhFYYjPuvr6vF-bQAPXtA2Eq7iQz_HmqRFmIvDcrXixCVCy1vXcU3BO6KmVU2TkSLEQN7RBexLRQYJLYBr70qubtT3GTendhfdqpuoIeo9yyKYXNlpenHv4mAE1GO4sIU8SUjxqAWfK0FSG8CESNoetuzmT6IY-TPlKdyv3_E3GXampUWNaASor1vU8kiek5BPPQZHBdffB8N939Y1ZbtuhskhP3W2-KNbBeA2HkuOMPUmnDmFthX_tcWzpzDpE8zNEazEQz5ojIiee46U90H0LA-lkzP-ODTKa99Hwg6OkbW3ZZY6MWS3ZafolYmFR6Qwh93KN9wXYRGBfAySA5b9JTEBT-JY-Uq3s9aXtCFB2DPYcuvd8oz2bqCm39ywC2ZkpSx0GcsXe7UQHc1Ul9_MR1XiCZWeW4oS7THl3NfQfbfbeZ0uwXnZLujaAnlMzU8e2R5JO2arSgUxZluc0tQvMZSlPzXL2qvcPRyj7wAuu8FX2nLMYwFq3OQh3FnZckNKESh4pWeD3xwsFnCbIbZCO5-nba4mw0cYCLlYdZ4B9eb73c4MwLB1FB06LKrdMX-e1MGYUbY8gGnk5gqlbDQohYJGWFrGo8HPY-hsCbluTciI9Y3Bdr3prKFGk5nVGEx9zg8wRctqA4d6rM8MpdkJvweW7EHr7s8aEuUwTU16s6yDKPpwtJV1FziRpspFAqqlG8f8F36FrPd3UBbA8BS4h_XIgXM6ieaZpgWcdlFwX_XBu0QKn79vUwEJx3NwToJjcBwhBZt3ymYYvXmzGeRq2fWo_iFSvkY_StdFYTcQ1V4UciEmdlikVEl9g82I1Y7S2noldtO5IWbXa50mCUqx9Imq3H4PAPHfUix4u9H8wtLiwiDSdNKR9jBCZFxKuEwz09rqgds5csFjLO7_U_7cjpmg1RITNnXbTj8j5Fp80wG8qkeykLd09X40wn5dN5kSTUw_Fo8FBBWjlXikQFBdYv42GILYi62gJzyLQdK6KWehFSA2TmptqWawgPwy8LgxnPNjNlumDNMvBYMzNahgVnuBFXSwk4BCFnrwBkzxDwOQqvpwz1rFlwG7LTWYFunNbYgzfeJj1SmW8KlJqu2Qn2O-B2HnoIyz_q6VdCRX3FWUeYoGr_6LXO1uytflyCO95UEqZC_nNB1ay6nQIfLehp3MNwMOWknSvUQbRaPa4XCQUxzzHvAFGTZsOOWLQWkVuxRLA6FnQ9aRes2zxtfXLZ_Zf1ETJ9rvsNYPLnPVfiqTtitUdRYk2Gjb0U02CIASLmMD4BgzEXln93Ua1f8jYaMPfmPops_ft6bFR_RHx7bmNFvAYjjcOALATRfYfdVyr2ye78K3cXtB-29P-5GhmEtYcv5aiNhcfxrXviQkiw0Z3ewK0lF4KSbY--o51jcdmehI97VdgZL2nQhMREppQnG7wjonnjYx8Z0_K7dS2q7wKrfXdvFcwR_LWNrjFs5tFDRZbLQlFcHS6NvMstPbO_QZWJD2uSVtb0quc7Y-Zf4R0-eWgjshM3oc3mIxqOaC5cTZ8ELZN8Hc8LjI2tb6-ExNB9PO1Ha1jK4KdoLe9DBVfuhXyWnkruq87fOWnZiGA5v8btGymn3p-GrLv254LdnMpntv49f6DQT6zcNjfk_zdGfRDNJIkwVL-pwug3zBFXgoryokYdJX76tm646_A5uo6UAZUdZAXUAlf9ZnupjJC4vVvqf7O4yctbJraGNqv4SC8jZI2ziQlPKfOl6MYsfYC5vkSu0rTTv-IvHuQ_ENvOKuP9sZ8ptXeh-gHFdEI_9YJtt6rRvz6qlHRIJkAxYhftW_qlYwznTR8VPwSGqFPEF1mkzl6q3ki805Bo2ZESpf8Lm_NUincrAsT69Mh5ABTXdNYL0-Nfue1sOuhUNda745Xe0MY4OmJ9uW8AMahF3gm82QckD-5gj_lvaYOc2gB10lqxkD4lQbyP95IWj4Ucmc2WDN_LX-kSMuh0vk8lWIUcmaDwFXBT6ZynG8ORcIDvYi9S_IFKMj9D_3SwDQRnbdMCvtSyYT8BzONCpdORbxI1ff-Rg8P5vhMDw97ygaK2dzS_Y3YulXWfbcPF8A23kCXUxyVouLzPhq-VcD-QoP87pD4yqgJLvvGN46b1-f17qKLgxST--ool__aWjBsDEcw1jqR3MLsblTf7PwvxUr13EhYYMPW4AdEehk6X1Bwsk3HoCr2LDU2zgvTLU6vI7t2mXnUK5bGcL_A3uG6rF5DshG6c2juiKvl2_BHA4wbgsvUgiJbiSofSHrLgppbEeb1FCu8uJ7MMLXULeExNL_a4J38R5xo63BsPksMrkr8cAzaPqNZs9r3yjgo-x0aHCt4NgePdkIpM9P_9gvd1BatcXqeToLDGB8hdSZeeVNtMR1_Qo2dnB1y02Wqmb53N0FUFlWaZsMC2yRFVOEuuD9S6CgmW7JDBiepda_TWw4MPpQe9hZzNzDqsMR5uXCmgh4TEuWS5fovPgxW29yBPmHQwSt-ypJqdCcd3kX8hbf00GN_eEw99O_1uViYPuJW2gEau8Eayx93mlJsqhqT7SXeNufhpefcn0sVTy8oLDPjDhjmPh9FjPkpDO8N3xX020iiDJkYLJrq6t5Krhvv-u_jgomBOQKAdibVU9f1PwNc9d3Fwq89pUQ0eo3ddZy4ddzpaUIQTNIFZnOzWeM3JT0TpR2yTFB0nJ25NPd-uFoRchU3IXhs7nou05Z5kEpwBHu2oDlC6RPA0Jvb724HKy-TP_3QKc33rcl2_AkvcCmkQWLhrEOIlnGy6m8Vjj-oCoGW42ZHm1HERBvYTWp7u5_yrqXnFgSD1JKoyWoke40Vy4ybroC1jBrKPWmU3AmWMOez4kn3ML-9df&cid=CAQSPADUE5ymxub7nrsqe6rrH45xHakJl_55B5QfG1EVf2bh_Nmvi_xwUlNw7UaHWDKQQBtA3TJMHCZLUTgkCRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=14982880467506176000&adk=3121839092&idt=107&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e714c5185d63b672a0cf9ad0cf88a0c1a64b12b32351946bd1d5bc76f28fd084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame C9C8 28 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Br9RZCGGkiV_eRPhBNUSo0DPHPvtPWEt-yhg7OEMi5j67Y1XC635nPrbHHYXnU43EdJWWzgykb0piEgmtjxlZeio0wDQ&cry=1&dbm_d=AKAmf-DreJ6H9MWk7q7wOVire61qdoRKVRfRyJLG-JDyoRgLTjEzKU61IT17E0o63awUU_pRcQkwkafwKGK45usgmzJy6aZDKNJycCU4bXcoY_lGHRjcisoEzUxdxHDURkKtooz0-FN4XFnitoSX3o8_l7eQTtcgEfuTYRfAW_38uXSGShsoQUlopFoP_IAbZqnc4Y-Mb1NukTS_QQR5mNQNgKbFOwEhf5efyMulMw4DDFaxrRvfGsyJGg6nMPeoKuf4w6X6ZC6XXDGkhFYYjPuvr6vF-bQAPXtA2Eq7iQz_HmqRFmIvDcrXixCVCy1vXcU3BO6KmVU2TkSLEQN7RBexLRQYJLYBr70qubtT3GTendhfdqpuoIeo9yyKYXNlpenHv4mAE1GO4sIU8SUjxqAWfK0FSG8CESNoetuzmT6IY-TPlKdyv3_E3GXampUWNaASor1vU8kiek5BPPQZHBdffB8N939Y1ZbtuhskhP3W2-KNbBeA2HkuOMPUmnDmFthX_tcWzpzDpE8zNEazEQz5ojIiee46U90H0LA-lkzP-ODTKa99Hwg6OkbW3ZZY6MWS3ZafolYmFR6Qwh93KN9wXYRGBfAySA5b9JTEBT-JY-Uq3s9aXtCFB2DPYcuvd8oz2bqCm39ywC2ZkpSx0GcsXe7UQHc1Ul9_MR1XiCZWeW4oS7THl3NfQfbfbeZ0uwXnZLujaAnlMzU8e2R5JO2arSgUxZluc0tQvMZSlPzXL2qvcPRyj7wAuu8FX2nLMYwFq3OQh3FnZckNKESh4pWeD3xwsFnCbIbZCO5-nba4mw0cYCLlYdZ4B9eb73c4MwLB1FB06LKrdMX-e1MGYUbY8gGnk5gqlbDQohYJGWFrGo8HPY-hsCbluTciI9Y3Bdr3prKFGk5nVGEx9zg8wRctqA4d6rM8MpdkJvweW7EHr7s8aEuUwTU16s6yDKPpwtJV1FziRpspFAqqlG8f8F36FrPd3UBbA8BS4h_XIgXM6ieaZpgWcdlFwX_XBu0QKn79vUwEJx3NwToJjcBwhBZt3ymYYvXmzGeRq2fWo_iFSvkY_StdFYTcQ1V4UciEmdlikVEl9g82I1Y7S2noldtO5IWbXa50mCUqx9Imq3H4PAPHfUix4u9H8wtLiwiDSdNKR9jBCZFxKuEwz09rqgds5csFjLO7_U_7cjpmg1RITNnXbTj8j5Fp80wG8qkeykLd09X40wn5dN5kSTUw_Fo8FBBWjlXikQFBdYv42GILYi62gJzyLQdK6KWehFSA2TmptqWawgPwy8LgxnPNjNlumDNMvBYMzNahgVnuBFXSwk4BCFnrwBkzxDwOQqvpwz1rFlwG7LTWYFunNbYgzfeJj1SmW8KlJqu2Qn2O-B2HnoIyz_q6VdCRX3FWUeYoGr_6LXO1uytflyCO95UEqZC_nNB1ay6nQIfLehp3MNwMOWknSvUQbRaPa4XCQUxzzHvAFGTZsOOWLQWkVuxRLA6FnQ9aRes2zxtfXLZ_Zf1ETJ9rvsNYPLnPVfiqTtitUdRYk2Gjb0U02CIASLmMD4BgzEXln93Ua1f8jYaMPfmPops_ft6bFR_RHx7bmNFvAYjjcOALATRfYfdVyr2ye78K3cXtB-29P-5GhmEtYcv5aiNhcfxrXviQkiw0Z3ewK0lF4KSbY--o51jcdmehI97VdgZL2nQhMREppQnG7wjonnjYx8Z0_K7dS2q7wKrfXdvFcwR_LWNrjFs5tFDRZbLQlFcHS6NvMstPbO_QZWJD2uSVtb0quc7Y-Zf4R0-eWgjshM3oc3mIxqOaC5cTZ8ELZN8Hc8LjI2tb6-ExNB9PO1Ha1jK4KdoLe9DBVfuhXyWnkruq87fOWnZiGA5v8btGymn3p-GrLv254LdnMpntv49f6DQT6zcNjfk_zdGfRDNJIkwVL-pwug3zBFXgoryokYdJX76tm646_A5uo6UAZUdZAXUAlf9ZnupjJC4vVvqf7O4yctbJraGNqv4SC8jZI2ziQlPKfOl6MYsfYC5vkSu0rTTv-IvHuQ_ENvOKuP9sZ8ptXeh-gHFdEI_9YJtt6rRvz6qlHRIJkAxYhftW_qlYwznTR8VPwSGqFPEF1mkzl6q3ki805Bo2ZESpf8Lm_NUincrAsT69Mh5ABTXdNYL0-Nfue1sOuhUNda745Xe0MY4OmJ9uW8AMahF3gm82QckD-5gj_lvaYOc2gB10lqxkD4lQbyP95IWj4Ucmc2WDN_LX-kSMuh0vk8lWIUcmaDwFXBT6ZynG8ORcIDvYi9S_IFKMj9D_3SwDQRnbdMCvtSyYT8BzONCpdORbxI1ff-Rg8P5vhMDw97ygaK2dzS_Y3YulXWfbcPF8A23kCXUxyVouLzPhq-VcD-QoP87pD4yqgJLvvGN46b1-f17qKLgxST--ool__aWjBsDEcw1jqR3MLsblTf7PwvxUr13EhYYMPW4AdEehk6X1Bwsk3HoCr2LDU2zgvTLU6vI7t2mXnUK5bGcL_A3uG6rF5DshG6c2juiKvl2_BHA4wbgsvUgiJbiSofSHrLgppbEeb1FCu8uJ7MMLXULeExNL_a4J38R5xo63BsPksMrkr8cAzaPqNZs9r3yjgo-x0aHCt4NgePdkIpM9P_9gvd1BatcXqeToLDGB8hdSZeeVNtMR1_Qo2dnB1y02Wqmb53N0FUFlWaZsMC2yRFVOEuuD9S6CgmW7JDBiepda_TWw4MPpQe9hZzNzDqsMR5uXCmgh4TEuWS5fovPgxW29yBPmHQwSt-ypJqdCcd3kX8hbf00GN_eEw99O_1uViYPuJW2gEau8Eayx93mlJsqhqT7SXeNufhpefcn0sVTy8oLDPjDhjmPh9FjPkpDO8N3xX020iiDJkYLJrq6t5Krhvv-u_jgomBOQKAdibVU9f1PwNc9d3Fwq89pUQ0eo3ddZy4ddzpaUIQTNIFZnOzWeM3JT0TpR2yTFB0nJ25NPd-uFoRchU3IXhs7nou05Z5kEpwBHu2oDlC6RPA0Jvb724HKy-TP_3QKc33rcl2_AkvcCmkQWLhrEOIlnGy6m8Vjj-oCoGW42ZHm1HERBvYTWp7u5_yrqXnFgSD1JKoyWoke40Vy4ybroC1jBrKPWmU3AmWMOez4kn3ML-9df&cid=CAQSPADUE5ymxub7nrsqe6rrH45xHakJl_55B5QfG1EVf2bh_Nmvi_xwUlNw7UaHWDKQQBtA3TJMHCZLUTgkCRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=14982880467506176000&adk=3121839092&idt=107&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/elements/html/ Frame C9C8 11 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:49:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9C8 0
0 83ms
56ms Fetch
image/gif 142.250.181.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxEiGPNy7-4XNfwjRVdOWm0dgcwhgWUfP_LV37Sdsb48VMohgIsYhwaZ-Y6uDMhgGviPx4FIyK16WhcXoYSPzqM_jjgXeTLPCyhhx3TMgpabCU5tL6_gJOEm7vEeZtPoBvL4oOuecs3DonUN2gBOTMHfykNIMr_YZqFU6L2GTSZ0JLRQBHUVYpCPHF8MX_rOA-BoxG0zjkl5CGOsvhVQOg8TgdWYI9csU-0h0Br3RdcIdwY5TP_1979x02oEc1g4h-DqlK3lILBeezzTZ4Kxy2WztqdzfZTKoK-qDR9IBJ9YbWOuYZVNzy3HKH_Llqpx0wTumlkJ1HIkP1RY4BCPaNcnRV9wXeYa0BW1nrJIdx2aJTvqx8eoSfAAvYhecANGk6o5tQMVTs8o1CBbvABzWiYZD57MhWqVa5qiCGyQiXa72ZiydS1sfwnnBmj4PNvYOzmYuuY_5YX6kf7sxiMi573SytspMMCvGpLp95ctle13DVyZbGu65h4nt806NwQovQ-Z4A2VYCtUk9Yz1LHyE5iolFJJCVx7dqzd5rD59upur39fCbfkYaWmWCgUOi-zJ6RYOXElw7qqZlaNKaCHHAxFgi_rH126uQRC7i-L0fauj7OHGClBIEu72_KuOdcDncmiI6jXQLnhcsGMQXT-kmXwWKMh1ESStLJUjoHwMZ6zmNosFFAZcYBMxva_uJrKlWpNxcdEokByVkIXx9lK7NcnAGKK0a9De1hkLjHuBmexg3cfqLMmoMNl9yIwRijqZmzQmp12I6QoLuHw9sFBEwnVgs3fCrpnuSwBEHbo5wtF5VcdudsfAYw4vLrkdI8Zzr_AsCVrsxnGjC2whp3r_A1vyTOWXs1OVKAKiAY9f3rw6SyAI08JIkgk6eXXN2QvsEP4VunLBSh9NHT_1aUVCCYgkBBsJfvlf-bQLeeSUR_jYxmLOtyFtMrKqPtnNZELatAzXQnOoTmORLLY26HHXxfrMtVpqfskOipqBUEddENaXYvkHr01arR0wUAHpY29WTr5Xk8PPn44td_TL9mOdcar97UbX-tjuHB9fNMjaC00KePpUpq8eq__c2XRsmoqIdcMGAI69xXB9tGSeO3_aXVL8jDW6vw2Q-ZN-7UQrpzHR-votw3Kl63XjG8ALfGsc-tQT3Ph9lrCbKBI_67E5MoKpVuLVFqQOoGCV5Ses&sai=AMfl-YQZ1OBiTrfliylqILB4N4-8aBrEemftcYcPeyRJV7NS2dql_2ZGqio71PqabmeI_t146U6hJ_mqgKxou5Rq9iqL85xqoOUTNVGd28UBr7-O4T6ntBdPeXazg3rzUGmmfBRNsmbHLs4o45eF3HezhZKSG8nGv97JqaCzj3lkTonuFzrH5JSJ3C9khCmcTMpLHe-5JS03-GlZtsbJdFWwmTwwC8xaLq_uPSTFmpy9EPNwPtKCXQHqoGBviFKprQ2UQYVMhgA&sig=Cg0ArKJSzCGAsnVaurPdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230330.21395&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C9C8 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Apr 2024 11:02:19 GMT

GET
H2 200 7701822227073594845
s0.2mdn.net/simgad/ Frame C9C8 13 KB
13 KB 41ms
15ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7701822227073594845

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9dbef35ab8a437e0f70ee218f392594fdeea97afac65f192e888e5bcdb242c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 23:03:45 GMT
x-content-type-options: nosniff
age: 289694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12801
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:06:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Mar 2024 23:03:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 08F9 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Wed, 05 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C9C8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ce3677863b62f41e2055b944580d48783f79b1dbdfe76948d5fe22e75ad0caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9881 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 510872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 09:37:27 GMT
expires: Fri, 29 Mar 2024 09:37:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9C8 0
0 45ms
44ms Fetch
image/gif 142.250.181.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxEiGPNy7-4XNfwjRVdOWm0dgcwhgWUfP_LV37Sdsb48VMohgIsYhwaZ-Y6uDMhgGviPx4FIyK16WhcXoYSPzqM_jjgXeTLPCyhhx3TMgpabCU5tL6_gJOEm7vEeZtPoBvL4oOuecs3DonUN2gBOTMHfykNIMr_YZqFU6L2GTSZ0JLRQBHUVYpCPHF8MX_rOA-BoxG0zjkl5CGOsvhVQOg8TgdWYI9csU-0h0Br3RdcIdwY5TP_1979x02oEc1g4h-DqlK3lILBeezzTZ4Kxy2WztqdzfZTKoK-qDR9IBJ9YbWOuYZVNzy3HKH_Llqpx0wTumlkJ1HIkP1RY4BCPaNcnRV9wXeYa0BW1nrJIdx2aJTvqx8eoSfAAvYhecANGk6o5tQMVTs8o1CBbvABzWiYZD57MhWqVa5qiCGyQiXa72ZiydS1sfwnnBmj4PNvYOzmYuuY_5YX6kf7sxiMi573SytspMMCvGpLp95ctle13DVyZbGu65h4nt806NwQovQ-Z4A2VYCtUk9Yz1LHyE5iolFJJCVx7dqzd5rD59upur39fCbfkYaWmWCgUOi-zJ6RYOXElw7qqZlaNKaCHHAxFgi_rH126uQRC7i-L0fauj7OHGClBIEu72_KuOdcDncmiI6jXQLnhcsGMQXT-kmXwWKMh1ESStLJUjoHwMZ6zmNosFFAZcYBMxva_uJrKlWpNxcdEokByVkIXx9lK7NcnAGKK0a9De1hkLjHuBmexg3cfqLMmoMNl9yIwRijqZmzQmp12I6QoLuHw9sFBEwnVgs3fCrpnuSwBEHbo5wtF5VcdudsfAYw4vLrkdI8Zzr_AsCVrsxnGjC2whp3r_A1vyTOWXs1OVKAKiAY9f3rw6SyAI08JIkgk6eXXN2QvsEP4VunLBSh9NHT_1aUVCCYgkBBsJfvlf-bQLeeSUR_jYxmLOtyFtMrKqPtnNZELatAzXQnOoTmORLLY26HHXxfrMtVpqfskOipqBUEddENaXYvkHr01arR0wUAHpY29WTr5Xk8PPn44td_TL9mOdcar97UbX-tjuHB9fNMjaC00KePpUpq8eq__c2XRsmoqIdcMGAI69xXB9tGSeO3_aXVL8jDW6vw2Q-ZN-7UQrpzHR-votw3Kl63XjG8ALfGsc-tQT3Ph9lrCbKBI_67E5MoKpVuLVFqQOoGCV5Ses&sai=AMfl-YQZ1OBiTrfliylqILB4N4-8aBrEemftcYcPeyRJV7NS2dql_2ZGqio71PqabmeI_t146U6hJ_mqgKxou5Rq9iqL85xqoOUTNVGd28UBr7-O4T6ntBdPeXazg3rzUGmmfBRNsmbHLs4o45eF3HezhZKSG8nGv97JqaCzj3lkTonuFzrH5JSJ3C9khCmcTMpLHe-5JS03-GlZtsbJdFWwmTwwC8xaLq_uPSTFmpy9EPNwPtKCXQHqoGBviFKprQ2UQYVMhgA&sig=Cg0ArKJSzCGAsnVaurPdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&vt=11&dtpt=63&dett=2&cstd=0&cisv=r20230330.21395&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Apr 2023 07:31:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2320 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4538356977454&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2320 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4538356977454&version=m202301230201&ct=76&x=1&cor=9129461177390334000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2320 70 KB
34 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9f8WsxcL96egmfI53Hal8w-GdDzzbELMJ9moHAxmJrLzvSUEEsQ6f5m4EYKz2ABfcGsbIuXHyUolqCsVgCxtftGMbPA&cry=1&dbm_d=AKAmf-DXrxz-ZnCm7pZhAY9-zt33kavpNMqF5aufkmI8h82aljBgsVDz-E-zof6c0k74BZx0hogyepH_7nj3kjlfQ1Ffjr8ibq0vALVXZCM5G945tTTtts2byM8ieLe0XoufywPza_kZ1_yZ7TH5dlTFUvgxdRRcoyD2-Vu2Q2MiR7Iw4QX11nTOazNdEg6La3EegSztE2bB22ntJUTadBwmCYZ8u0qVqiRL_VPMLUdEvXXVO412lmmrc2hlN0hCZoSVtCpPXNLq4QP-nKa1uPgJ34p-qOaRIFLqLlKF1K40vM-4Rs48UP2swP9WKoMX7bcHs_1FoilaQVqC5y57gPzqPcDz1938Ii0nv0S9blyP-0ESBmToUU9sI4sHvtoAS4292Qp0CgPPqYIIxoG_AfsOUm-Rj1fxlP7Dg2aabm84DBwempOyqmBkKjy56G4t5g4Iy-jXkUGxbH7cJQwRf22w6gb1Tg1A5KSNln4BxdNmDIpUEX-UJIUBpMeoESu-6aud3plkVzvhxDW5mhKrXpRckpWkFisfAdGBiX3uBkvRiw-E5iCs8cmu9PlGhqhEH51S0HcBTzyf8lwIwBTcgP0tPUNoXeqqKInYCocVRdSDYOmaj2CHuZTCIMj0OdBzYTgaqFnwWub8f0RyWu8QUTvvIRovr1uCFQGnCn-H6f6SLGND1BNhqqaRplVBtQvAwfKpH7DknxDFNHJR8HFCLhrld7ABxF78e1pT8X4oEZ1xrEIo9Oo3NINTYA8DpKkMfjK-u1RPAKDQDsMNXd3Q4frOf7P_rvCmAj0jN2rC4CZXqhZrVx_1zzvPyV2EVUjXDZ1VdfCqVWZltD4AjfIB4m2VR1bfmphfK8DGYQnWKf7BOS73XmahL7LolIl2vSXKR90GSCMQyxvpKcjOud6uJtznxNq0BpIDPKYnZ2MPwUIQaWwDgPmu4GIpc1OjJlMZb0LLKDfbDxliuzNcqua9oy27iyNdmTae9o16v_oTcRN241qmwhIUQdlFFJyJOp06CjfD27D7qvrPBvKm0WqCMZgOD21dwEGZDzSSyEyyjD8pSgsUazmQuo7HdWjU7OMj4fG6c19vfODxXkvM0RwPUV3S9OrpnoFBGaMa9hwH0C5A4gDClCx0SSg2uvnVY0CenDpa_vvmr4NcgICMakhHXVVHFK9pfIk4D1OdNqGAbSYAfFsvfX1H_CanOyKmshxtEoWsJRwoobWpkJlB4RVK1M8yDId-lHiCZO0gRnpfFgRgqaLw_i67cGbLPzBoRHdLu5gAgcSxAPneM0NM1V2f3F83VoMrGh1aQUotLyG72gYD9mPbo4tm6Ghn9As3XeIgUu1rjZW_Kf9DDBx7HsF0jXPOHDszmhyd30lvMbm-Bt7ET05TyTDvM4zTB3ctmsJ7BbiSapKdEE0vPRnvv8LB3d8jLZ7uh_ouiui0G9kJA29c9EzFvmG02Gqrgaj60Y5irQYntvLcScUhymzmP2J4ZuHnOs9prTs0lpNW8-OZNmnZoLPNGxlt9J9hXpDjGi8wcPgT20R3zK9Em_iziYSrRcInkr3TsKTZLfwJ8HGokBAMLt5ZqeRlokeuXByOFudiKtqrSI5eD4mQ-MBwBOVZfz2FpolkulUuCL5hl06f50SGS-NjyhvULOIOIe-Kek9YpqUe6OTSyrvHWiEYleG4XhyRMxC9pRjFxwLdtuj61llWhgJGJuHONemxdh-uOHBMr6hasGKVF-1gq1NfKfTyVYGcC6uR5LWNHkLBFXxoGIHuRzrMNFMHyuQPkNAetAtmi_LolmSeDC0enV9yGfmSTZ1RuVSAHDlU1aL20vAw962AuNorCbq1-kt7x0BeYpYkTxnxCpuFnJsXRusX994t4_R_x9l-arVDoos4SOMbTGuKKzodROI55PjSFYq3ZGzK_aI9-L3tzBV_feHvnJtyiZ4GGzsmNwcOuf1RH60OjTfC80KeOt_6IolC9qdTFduFSQXfExyRjwf1Ktdgw98gmvMFK6BEXJHlywCiqwFeUhoSsyayKCD83KNaoIqkQvMCjMZniGgOUUeJ7AlNXpAeQf-HleyLh0vcrBvgabOS6KvanpNHptFh2xXyuKIx5xvzaHjsaMusHngLrY22KkiNxl0uWr6Fu2XwyJxc0WFuWGEbok2n_J51_eIimkjaF6QUajCObG-CegsYdFKgoY7VAuOPWg-nPhSUwhfiSS6lij90WV0WY-fR8PGeS_hHRGVnPOoiz_g9vk1ZkFLeOcBxc0G1CIMcoL1wwJT-v-mAmZATsWFlP8hJOZwYpRpo21Oz48pkGPwbD1tdN7wp_FxJ8axHdXEMKA6VmMoklV2iLQ1efcWVEdrOHcAZL0WmcbvgeAf6qY9Bzfw7bFYwP48CWx0czA69VymYg5cMB8DZtueZVNJkhFuD0XazwW35sUKP0YqTru9gNSandV064HRS1EX_hGwg20hY9VD-1LLBooMFUjVz7Fh6n_SXFlx9MYn3DKqTtr4wgtaJ7az7sOaJ5ARgzg2_2IBHqIw3kwTcpEDClNarhYaN2I7CNr7mxBEoApqHSaKCj5e30wZfhg7GoYmuBmGSU-OabdyjIruURyeQiRA4lztENTbw32bksmy_lvUUCONR3gwedNH_Mzr9XgV66YTmAS4Pw6eVBDKoxTsOJVwxA5_fxLMTDbf6-4odcM7D9dSUTC_8pTlQZjqivlR27I74cgAoMPSEHpgx14olEoTLsFKPe0YG2YIL_nGWL44sNQUKfsbL9yp5AnW0ZFqZl20FonHwfyhNNO9lRZAlVmEZVJVlD-gwfwLe62n3Ca0qabaEH0Z5dlBVBJlSHjIy5EwEfZNgQfbUzRlOluIasQlGNpFfuk5okfBGq9FUwS801t3dkEtoFoV_SQOCWLjU_DE-J2pY5-x7Aifs3GLNmfnkiajPnrkLWt5vUiiCry1YU5Az6csuKw69QlU9V1D7TOIhcas5b_QkxiuL8-Il5nJqYOu64YBpSfB1W2xJdCXw16ZDGGl__4jxu1XGbD2mP672vAPmboZXVykH-tllPSBLd_BokK7Rv3S58x4DAe0UcATUWLQfT3JEVyPJG-Gpem54XWTrzayRpdnoYigbO0DHXICCv_xcWK_fiziFwU5WW_O5Zzrb&cid=CAQSPADUE5ym-Vv4bSeI-AIQIFaeF_ecvEos-HC5cIh7fgVrXRNLAgvVGP7FL_84l6-OgoQNBz4_eqdw94D-6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=9129461177390334000&adk=3285021343&idt=204&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f1fbf75f7545d4cba1d526e4b6f28310e21b56163fdf39a361bac232ca3ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 08F9 70 B
265 B 125ms
36ms Image
image/gif 15.197.193.217

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECQXa00-xP6tQlnlZwKoSLw&google_cver=1&google_push=Aer7DvLGEQPDydZa5mTREOH2LElvdDf4T4drYRe2aCKD4c5HqtDEJwg9g84FLaDI3zjMLKJSIupov3cUZdxRo-25TAN6USZQg9Ov
Requested by: Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGyeBzdxSl1zNrtm6nSZZIo&google_cver=1&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOB...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGyeBzdxSl1zNrtm6nSZZIo&google_cver=1&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAry...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKvm4Yx4jMtv_hruxkrRIPZGNP_yLOkMqvZp_BQB-I7cCZUandwXmb2E7oj1NiyC94yn6ls2V0NjXO727Lz5NAryOBL2i_U
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D3MLD1F1Q4K-sYtbzzwL1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D3MLD1F1Q4K-sYtbzzwL1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLNWt9sIaYilqZfhOc2w0gJSqJfmgDuBnwQJbaZ3IHA7jq3XFCy-eQIU2QoS_xu0vjG5Z-MPHW_uWdogcAmDx5vJQ9SoSI

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D3MLD1F1Q4K-sYtbzzwL1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLNWt9sIaYilqZfhOc2w0gJSqJfmgDuBnwQJbaZ3IHA7jq3XFCy-eQIU2QoS_xu0vjG5Z-MPHW_uWdogcAmDx5vJQ9SoSI
date: Wed, 05 Apr 2023 07:31:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPxtw6Vx5FWj_Eo3uM9UH9Y&google_cver=1&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczREZIUEotMUItSlJUOQ==&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8cfmjEcZ9D2odQAZuU--FGC82L

170 B
188 B

20ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczREZIUEotMUItSlJUOQ==&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8cfmjEcZ9D2odQAZuU--FGC82L

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEczREZIUEotMUItSlJUOQ==&google_push=Aer7DvKvOYx96Ty488U15hNb9n2kFlb4vDCBHOp3XbJokzhg6r-JYNkaZJRysp8uMSozEUtKEj8cfmjEcZ9D2odQAZuU--FGC82L
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECYxNeIDocVNXho1RTkJ_I0&google_cver=1&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbD...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbDwRpXXfVXi9_O

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbDwRpXXfVXi9_O

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 05 Apr 2023 07:31:59 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvLDpaKrcaWXjaOb_7itclxH0R8Y3b1Gtc-dpXf-5zEzjL58QQl3eE4NZlVHKtLgPoZdAcH_qgw4Qa8KerbDwRpXXfVXi9_O
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: uIfgefK5diKJrgAJdFLl0hlOUEyB4uinFVPJlbUG7UoNHQISvXjwCQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHf7WB_2hCicvR449O01JV8&google_cver=1&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk4na9r6VWH3ee-XkT

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk4na9r6VWH3ee-XkT

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIlyQc3dtGfylpP3h1g4Bh7x2pA42JBHMJoyNfkIGDAPe_bancNTQojssLmiPIVR-s4nyD18i4xI7bk4na9r6VWH3ee-XkT
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08F9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-3d7d4112-3455-48b8-b0e2-049ac9fa2a8e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAer7DvLRqCyeb7qaXPKBib1S-...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&google_hm=Az19QRI0VUi4sOIEmsn6Ko4

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&google_hm=Az19QRI0VUi4sOIEmsn6Ko4

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aer7DvLRqCyeb7qaXPKBib1S-JfA4wiqNcFx85mGeaKd5O9mlrjQdSb1XNo7Pf92qeMuANZo16KcMP8rds1OEe7vIJ1xxcJMDO8&google_hm=Az19QRI0VUi4sOIEmsn6Ko4
date: Wed, 05 Apr 2023 07:31:59 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3d7d4112345548b8b0e2049ac9fa2a8e003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 08F9 0
12 B 16ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JW1-L3Npx5ZCzL5_89vy1vbhInx10LY0fFUKYaMxRGZdJDstBXN46FoqFcrsykvk5RDXEz

Requested by

Host: 5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
URL: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9881 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:16:19 GMT

GET
H2 200 7701822227073594845
s0.2mdn.net/simgad/ Frame 2320 13 KB
13 KB 10ms
5ms Image
image/png 2a00:1450:4001:813::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7701822227073594845

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9f8WsxcL96egmfI53Hal8w-GdDzzbELMJ9moHAxmJrLzvSUEEsQ6f5m4EYKz2ABfcGsbIuXHyUolqCsVgCxtftGMbPA&cry=1&dbm_d=AKAmf-DXrxz-ZnCm7pZhAY9-zt33kavpNMqF5aufkmI8h82aljBgsVDz-E-zof6c0k74BZx0hogyepH_7nj3kjlfQ1Ffjr8ibq0vALVXZCM5G945tTTtts2byM8ieLe0XoufywPza_kZ1_yZ7TH5dlTFUvgxdRRcoyD2-Vu2Q2MiR7Iw4QX11nTOazNdEg6La3EegSztE2bB22ntJUTadBwmCYZ8u0qVqiRL_VPMLUdEvXXVO412lmmrc2hlN0hCZoSVtCpPXNLq4QP-nKa1uPgJ34p-qOaRIFLqLlKF1K40vM-4Rs48UP2swP9WKoMX7bcHs_1FoilaQVqC5y57gPzqPcDz1938Ii0nv0S9blyP-0ESBmToUU9sI4sHvtoAS4292Qp0CgPPqYIIxoG_AfsOUm-Rj1fxlP7Dg2aabm84DBwempOyqmBkKjy56G4t5g4Iy-jXkUGxbH7cJQwRf22w6gb1Tg1A5KSNln4BxdNmDIpUEX-UJIUBpMeoESu-6aud3plkVzvhxDW5mhKrXpRckpWkFisfAdGBiX3uBkvRiw-E5iCs8cmu9PlGhqhEH51S0HcBTzyf8lwIwBTcgP0tPUNoXeqqKInYCocVRdSDYOmaj2CHuZTCIMj0OdBzYTgaqFnwWub8f0RyWu8QUTvvIRovr1uCFQGnCn-H6f6SLGND1BNhqqaRplVBtQvAwfKpH7DknxDFNHJR8HFCLhrld7ABxF78e1pT8X4oEZ1xrEIo9Oo3NINTYA8DpKkMfjK-u1RPAKDQDsMNXd3Q4frOf7P_rvCmAj0jN2rC4CZXqhZrVx_1zzvPyV2EVUjXDZ1VdfCqVWZltD4AjfIB4m2VR1bfmphfK8DGYQnWKf7BOS73XmahL7LolIl2vSXKR90GSCMQyxvpKcjOud6uJtznxNq0BpIDPKYnZ2MPwUIQaWwDgPmu4GIpc1OjJlMZb0LLKDfbDxliuzNcqua9oy27iyNdmTae9o16v_oTcRN241qmwhIUQdlFFJyJOp06CjfD27D7qvrPBvKm0WqCMZgOD21dwEGZDzSSyEyyjD8pSgsUazmQuo7HdWjU7OMj4fG6c19vfODxXkvM0RwPUV3S9OrpnoFBGaMa9hwH0C5A4gDClCx0SSg2uvnVY0CenDpa_vvmr4NcgICMakhHXVVHFK9pfIk4D1OdNqGAbSYAfFsvfX1H_CanOyKmshxtEoWsJRwoobWpkJlB4RVK1M8yDId-lHiCZO0gRnpfFgRgqaLw_i67cGbLPzBoRHdLu5gAgcSxAPneM0NM1V2f3F83VoMrGh1aQUotLyG72gYD9mPbo4tm6Ghn9As3XeIgUu1rjZW_Kf9DDBx7HsF0jXPOHDszmhyd30lvMbm-Bt7ET05TyTDvM4zTB3ctmsJ7BbiSapKdEE0vPRnvv8LB3d8jLZ7uh_ouiui0G9kJA29c9EzFvmG02Gqrgaj60Y5irQYntvLcScUhymzmP2J4ZuHnOs9prTs0lpNW8-OZNmnZoLPNGxlt9J9hXpDjGi8wcPgT20R3zK9Em_iziYSrRcInkr3TsKTZLfwJ8HGokBAMLt5ZqeRlokeuXByOFudiKtqrSI5eD4mQ-MBwBOVZfz2FpolkulUuCL5hl06f50SGS-NjyhvULOIOIe-Kek9YpqUe6OTSyrvHWiEYleG4XhyRMxC9pRjFxwLdtuj61llWhgJGJuHONemxdh-uOHBMr6hasGKVF-1gq1NfKfTyVYGcC6uR5LWNHkLBFXxoGIHuRzrMNFMHyuQPkNAetAtmi_LolmSeDC0enV9yGfmSTZ1RuVSAHDlU1aL20vAw962AuNorCbq1-kt7x0BeYpYkTxnxCpuFnJsXRusX994t4_R_x9l-arVDoos4SOMbTGuKKzodROI55PjSFYq3ZGzK_aI9-L3tzBV_feHvnJtyiZ4GGzsmNwcOuf1RH60OjTfC80KeOt_6IolC9qdTFduFSQXfExyRjwf1Ktdgw98gmvMFK6BEXJHlywCiqwFeUhoSsyayKCD83KNaoIqkQvMCjMZniGgOUUeJ7AlNXpAeQf-HleyLh0vcrBvgabOS6KvanpNHptFh2xXyuKIx5xvzaHjsaMusHngLrY22KkiNxl0uWr6Fu2XwyJxc0WFuWGEbok2n_J51_eIimkjaF6QUajCObG-CegsYdFKgoY7VAuOPWg-nPhSUwhfiSS6lij90WV0WY-fR8PGeS_hHRGVnPOoiz_g9vk1ZkFLeOcBxc0G1CIMcoL1wwJT-v-mAmZATsWFlP8hJOZwYpRpo21Oz48pkGPwbD1tdN7wp_FxJ8axHdXEMKA6VmMoklV2iLQ1efcWVEdrOHcAZL0WmcbvgeAf6qY9Bzfw7bFYwP48CWx0czA69VymYg5cMB8DZtueZVNJkhFuD0XazwW35sUKP0YqTru9gNSandV064HRS1EX_hGwg20hY9VD-1LLBooMFUjVz7Fh6n_SXFlx9MYn3DKqTtr4wgtaJ7az7sOaJ5ARgzg2_2IBHqIw3kwTcpEDClNarhYaN2I7CNr7mxBEoApqHSaKCj5e30wZfhg7GoYmuBmGSU-OabdyjIruURyeQiRA4lztENTbw32bksmy_lvUUCONR3gwedNH_Mzr9XgV66YTmAS4Pw6eVBDKoxTsOJVwxA5_fxLMTDbf6-4odcM7D9dSUTC_8pTlQZjqivlR27I74cgAoMPSEHpgx14olEoTLsFKPe0YG2YIL_nGWL44sNQUKfsbL9yp5AnW0ZFqZl20FonHwfyhNNO9lRZAlVmEZVJVlD-gwfwLe62n3Ca0qabaEH0Z5dlBVBJlSHjIy5EwEfZNgQfbUzRlOluIasQlGNpFfuk5okfBGq9FUwS801t3dkEtoFoV_SQOCWLjU_DE-J2pY5-x7Aifs3GLNmfnkiajPnrkLWt5vUiiCry1YU5Az6csuKw69QlU9V1D7TOIhcas5b_QkxiuL8-Il5nJqYOu64YBpSfB1W2xJdCXw16ZDGGl__4jxu1XGbD2mP672vAPmboZXVykH-tllPSBLd_BokK7Rv3S58x4DAe0UcATUWLQfT3JEVyPJG-Gpem54XWTrzayRpdnoYigbO0DHXICCv_xcWK_fiziFwU5WW_O5Zzrb&cid=CAQSPADUE5ym-Vv4bSeI-AIQIFaeF_ecvEos-HC5cIh7fgVrXRNLAgvVGP7FL_84l6-OgoQNBz4_eqdw94D-6BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Freurl.cc&ds=l&xdt=1&iif=1&cor=9129461177390334000&adk=3285021343&idt=204&cac=0&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9dbef35ab8a437e0f70ee218f392594fdeea97afac65f192e888e5bcdb242c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 23:03:45 GMT
x-content-type-options: nosniff
age: 289694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12801
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:06:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 31 Mar 2024 23:03:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame 2320 28 KB
11 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/elements/html/ Frame 2320 11 KB
4 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230330/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:49:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2320 0
0 57ms
55ms Fetch
image/gif 142.250.181.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurQEpGYnfRnbQB2COjl_cAkMhyAQ05SIHRX3OLREG_5ZfxDq3dLZ7LPwfFfd0pplqgYw_Fkr6R8SflZAS-9p37h7om03ZNgqsnpCohBQQJ0_OrlQ3vPLlw2nX8m7_-1B-6HOOcvvzRtaUry1H5kossAoGPF7Ke3Qjw2vVDPhN0uwUiTciBXkGZxvjQhWYVHAJmwXn5EYaTSxusrsmTHc93kuziYwOaObfLuRltx7rRjzGDFODd7sc1slQZOF7QKe0ZY_ROngNiHbG78Am-tSje-A4IXMwUFKQGFJm4GOjAfr1821kg-ZiRbZLT6dTdLqdrhCZ_HMcJff62g3kh1RH_TP5pSAvg1N_izoD6t3gLXGJyEDjDLF1LMdLeRVodn9Wb8QyVFIE32gQ_4An3Up3_Jj87QkZtoGOgt6f-2_W2x0HTsBdyN70uhiVelimmLjwc5Mo944sGHe9w2qz5MdvaI69-PVER9YWrb_u9jOutF6uI9ibOtURrFGTbCP4d0q9j2xMCIpkXJdgrSlUePSiiwA4a2lPtKmhdLci46PUWuDJ1NHhUu8QJap6qncq2tCn2wpkkch3-jQ9MT_Kv7UkVnvCeoFJRNk3lkeslziwvHQFa2l2UAnXda6UH9JEWnMM7gbLWmrjK4VVhbECrZ3sntkIw5AvkRY3Ha1qzFm4lmvv_4pRELeG3cuWOwNwT_kuCUb9x3dBW1OvMpNEk9yJOmqGnBibu2SlmEQBcohgAba-XTvj2GMF4fqv3-4B7R2KBLqsGWkSMJxn-IiT612UBvYYbZGS5NGZuHgaVAJ482VgD_4L5hRnxPvN28bYrdWRZmAlAvSBNN4l7YdYZprz_ftovFiPPBHWGaZUn0R75RvpiHF-2tslzS-wS1WYTy8vMFb6cl1X6Fe7crWhR4bn9VB5JkEst3otSukNWeajWOiOau5tHYg9GlPFGeDzcpHYZVj4fdUQcSFWM3OGmeCbF9q-p-9zTHOXPKlKviyPOMOJLDA8nE5XuusyPAHq3rTT9YcnHrDe_iTF_mP-EeqGOXtEZKI_y_2n5SKbGELOFj_H8TXExlP4acfGdmfyAO5vAjIktiFK-NTdn0OPQaPcmQom_U09M5cIvoVqpJ-cuv3HMpI3ZksyYuwfinI9PfVU4uwXFGoyuWkC8YXmdjn-LrSDKGBV3DIzfLfD8DXE&sai=AMfl-YQ9m1uPRvxil3JwR3M-8tXPZQTjfucwAB5TfUJ_t6A5qaz7D6B425QavNgls4thBnpDIRQ0r04UT7FQ2LrodYQDNTepoxr0BGbeXUxp2vUFSp5VU8b8FCG5Royko1GVn4w8psv9g4uMZqn-nTGwNUw-wdmPENuG_yMZS83JD4z1-OULFd785JMysmsqELx965rJjbKv1lkkjYM2o8VpgfzGVXNk8-L7P_T1Y-GiFZn8PavEl8cH6kW2GB8j8-xulk15CdU&sig=Cg0ArKJSzH4JzJmc49OvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230330.08915&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2320 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Apr 2024 11:02:19 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2320 0
0 48ms
44ms Fetch
image/gif 142.250.181.226

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurQEpGYnfRnbQB2COjl_cAkMhyAQ05SIHRX3OLREG_5ZfxDq3dLZ7LPwfFfd0pplqgYw_Fkr6R8SflZAS-9p37h7om03ZNgqsnpCohBQQJ0_OrlQ3vPLlw2nX8m7_-1B-6HOOcvvzRtaUry1H5kossAoGPF7Ke3Qjw2vVDPhN0uwUiTciBXkGZxvjQhWYVHAJmwXn5EYaTSxusrsmTHc93kuziYwOaObfLuRltx7rRjzGDFODd7sc1slQZOF7QKe0ZY_ROngNiHbG78Am-tSje-A4IXMwUFKQGFJm4GOjAfr1821kg-ZiRbZLT6dTdLqdrhCZ_HMcJff62g3kh1RH_TP5pSAvg1N_izoD6t3gLXGJyEDjDLF1LMdLeRVodn9Wb8QyVFIE32gQ_4An3Up3_Jj87QkZtoGOgt6f-2_W2x0HTsBdyN70uhiVelimmLjwc5Mo944sGHe9w2qz5MdvaI69-PVER9YWrb_u9jOutF6uI9ibOtURrFGTbCP4d0q9j2xMCIpkXJdgrSlUePSiiwA4a2lPtKmhdLci46PUWuDJ1NHhUu8QJap6qncq2tCn2wpkkch3-jQ9MT_Kv7UkVnvCeoFJRNk3lkeslziwvHQFa2l2UAnXda6UH9JEWnMM7gbLWmrjK4VVhbECrZ3sntkIw5AvkRY3Ha1qzFm4lmvv_4pRELeG3cuWOwNwT_kuCUb9x3dBW1OvMpNEk9yJOmqGnBibu2SlmEQBcohgAba-XTvj2GMF4fqv3-4B7R2KBLqsGWkSMJxn-IiT612UBvYYbZGS5NGZuHgaVAJ482VgD_4L5hRnxPvN28bYrdWRZmAlAvSBNN4l7YdYZprz_ftovFiPPBHWGaZUn0R75RvpiHF-2tslzS-wS1WYTy8vMFb6cl1X6Fe7crWhR4bn9VB5JkEst3otSukNWeajWOiOau5tHYg9GlPFGeDzcpHYZVj4fdUQcSFWM3OGmeCbF9q-p-9zTHOXPKlKviyPOMOJLDA8nE5XuusyPAHq3rTT9YcnHrDe_iTF_mP-EeqGOXtEZKI_y_2n5SKbGELOFj_H8TXExlP4acfGdmfyAO5vAjIktiFK-NTdn0OPQaPcmQom_U09M5cIvoVqpJ-cuv3HMpI3ZksyYuwfinI9PfVU4uwXFGoyuWkC8YXmdjn-LrSDKGBV3DIzfLfD8DXE&sai=AMfl-YQ9m1uPRvxil3JwR3M-8tXPZQTjfucwAB5TfUJ_t6A5qaz7D6B425QavNgls4thBnpDIRQ0r04UT7FQ2LrodYQDNTepoxr0BGbeXUxp2vUFSp5VU8b8FCG5Royko1GVn4w8psv9g4uMZqn-nTGwNUw-wdmPENuG_yMZS83JD4z1-OULFd785JMysmsqELx965rJjbKv1lkkjYM2o8VpgfzGVXNk8-L7P_T1Y-GiFZn8PavEl8cH6kW2GB8j8-xulk15CdU&sig=Cg0ArKJSzH4JzJmc49OvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=21&vt=11&dtpt=19&dett=2&cstd=0&cisv=r20230330.08915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Apr 2023 07:31:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5AF 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 09:37:27 GMT
etag: 48472445140208031
expires: Wed, 05 Apr 2023 09:37:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2320 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69250360309188fa8edcfa7f60a013f312013d0a38b59b333cb36c1387e3ace4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5A8D 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 510872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 09:37:27 GMT
expires: Fri, 29 Mar 2024 09:37:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F5AF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1&google_push=Aer7DvKNsTqeiC8jN-ADlchjL9pahl6A0vzoKedVQ-OdGFXc6k7JF0KrkoVohLX4a7wvky_nhaQh8GUEA31ubYgn8c2ptOHVaJFvvA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5MzY4ODAzNzc1NzU4NTIyNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1

43 B
398 B

44ms
14ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:32:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKghzr6HQ-Ubf2A-NNt6rBg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F5AF 35 B
465 B 32ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHGy_HSq1DPU9irKfkr0NtY&google_cver=1&google_push=Aer7DvJB3t6ZWKk4MiQwQKczpBNy0ZinlyqABYqsqw6dEEwWoSr3pV4Gj7EZD69qkwsx_Uj-1IiXr0W_0WicFLFK6B1AxEw_0hTn

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET img
sync.mathtag.com/sync/ Frame F5AF 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_hm=ZC0j70GsDFZdmeu4QnucIQAAFHUAAAAB&google_nid=index&google_push=Aer7DvK6YwsiV-Mrd6mRhJuRJm2RSrerJOlIW...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_hm=ZC0j70GsDFZdmeu4QnucIQAAFHUAAAAB&google_nid=index&google_push=Aer7DvK6YwsiV-Mrd6mRhJuRJm2RSrerJOlIWWhAabXRPzmX5d0DetRBOD_X0C1WKaLkiVmaUqMdJLMsufQDInf_tTvEPr1jqgMSuA

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 07:31:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJX66Zm37SUm2O7pn_JHKo4&google_hm=ZC0j70GsDFZdmeu4QnucIQAAFHUAAAAB&google_nid=index&google_push=Aer7DvK6YwsiV-Mrd6mRhJuRJm2RSrerJOlIWWhAabXRPzmX5d0DetRBOD_X0C1WKaLkiVmaUqMdJLMsufQDInf_tTvEPr1jqgMSuA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F5AF 0
75 B 127ms
20ms Image
text/plain 185.86.138.153

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO2mUZVEG1xwn6RHRM0TkK8&google_cver=1&google_push=Aer7DvI7qtKaNLjK7zutNNgqlNdSbvJNppf0hcGpWjy-nNFMxe7kQP7656nbsugZV-ZNhHEV_eB-6Ds4UNgL7FyifTTp-AWz-aY6Gw
Requested by: Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:58 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMvGrNOIPoZ9FgNZc5tR2ak&google_cver=1&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-O...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMvGrNOIPoZ9FgNZc5tR2ak&google_cver=1&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-O...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11QUROb2RaRTJ1RUR2eXBnS0pSdUN5b0xibFBsRklva35B&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprL...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11QUROb2RaRTJ1RUR2eXBnS0pSdUN5b0xibFBsRklva35B&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-OLKzitmqTNqCSPLwdaFawD-6m6MOmA

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS11QUROb2RaRTJ1RUR2eXBnS0pSdUN5b0xibFBsRklva35B&google_push=Aer7DvKXxSxpHlR0qKTBxM5tHXQ9cD1UWVV-Dng1PCXYDdjuzBgQ2fprLwGl6KEXiRlxWOyB-OLKzitmqTNqCSPLwdaFawD-6m6MOmA
date: Wed, 05 Apr 2023 07:31:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame F5AF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHf7WB_2hCicvR449O01JV8&google_cver=1&google_push=Aer7DvIIsY6cz1JspPtWhEYwNI_SrssAYNf5cjBrFLqCuX-ZJy6qIfMH6-p9szEumz6NsuHvNa0qlTztSpF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvIIsY6cz1JspPtWhEYwNI_SrssAYNf5cjBrFLqCuX-ZJy6qIfMH6-p9szEumz6NsuHvNa0qlTztSpFXLR6PwKDHC3rFJ4uidTk
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

7ms
7ms

Image
text/plain

51.89.9.253

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

51.89.9.253 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F5AF 0
12 B 16ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LS17YBE2curvVaVsoph1sn_pAjXaifV_3SLCIjFwbr9SspKgRmDzrh1IWTJvfcj3iOCdleRoI

Requested by

Host: d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
URL: https://d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 07:31:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A8D 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 11:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 159340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 11:16:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9881 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bd2hK7yMtZJWlH8S1-gb-4JLICgAAAAA4AeAEAg&bg=!GBulG0_NAAbEgrg45II7ADkAdvg8WpZu0_0q0Puxlt-usBbGlSOJZ59lzNdffx8D-TKf_2RTys5qPxDRyF-08xpdq1wGnTAQowwCAAAArlIAAAACaAEHmQM2iArZgL1cmKWWgM1IevGnJypmrx6qoo5-A9wsqOrD8FNoxCa9IlB2bh0LZsQDQdKjwnfbAXr_R5KvM3yFntv3p6BtQMIE-Cm7MSSVARreaWM8BJ5XgnaIEjI8RimUGHrMr-28xTL6nVy5pS1rR4oNnJ7j_EHxyejMRRvJxG70dSKypRxpisxGcy_FVB7aqvDMyuSdLmFZtMfsCdbOlSIX6R77Dn98vxXzqBcaXZFFbfBn5714-PchR-D98OtPnSO6mPt59xSV5K--MDlzmODXpvnU-2iqAo0Py5Z6RPF-ajhnCCW9XhimPlLae7bz9r_ad1chaGTEHc4cQYrJewahCHqAQcQ5q7z7LzsolKMCFFR0dERR2zABW6fJevrbbKGXZFFzgFNBXN1Zc0NeA2NUC_gNMxkkoGyj1uzpZfPYdey_KKpGpyS-DWu2FhcCJAylRdB7Za8zXpoUocA74HxfbTv8IwZc2NGapYfn8GcOIH5EsAv8gOuXGybWXmKPMPN8YO8dw8z5ky1mBn5xWDhiHMLlODcCFZ5atxsmkXyU4EzEkN9Nrw56_UVwQle9uiJzZm4gB-DN-2FXFP33Jo7K4azKUHgTuvr40-j3EnogaFWQ_zFLrubZ_AtMCfRR88O7wbcdM1gaNPo5fFnJVbe_IM_77VbJSKPM5K2JNJy62cN5DS0qTXJBmjDpqk-Xrd5tKIHfbhxuGQWcQNP-7Z4GEVMOwqIeuWFPeyQ52d93YarrBgG5YX4L1Xhyry982hSmKrFnd4uOKDSIa9wVfSYQhsVZeg7tcDNV3bzfpNcCTQgGq1FT3O9QYagfDUMYM7brsuScZk34GELOQJ9iVoy56SvZtNG8nIGiduFj0TwzjEIQsvASXpjk6l0QZ-mQ6rIEAlbYe5x4YcNMVqcnQjtols3SfFApPAmGP_YC1W5JO4ugBBk0qgumfgce2RzYo30sIwDDguMFGHBxkcuasvFPOimdDDZNE8OY9H4sYhMbgkt-a_--dfdGnuO2B30PdjlwXSaRltrsWtCHSasbdTgfe1yalONt0lIub4WeivXZJtImhGQLr3VHCriqx1viT0bSupBUFTlB

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A2B1 0
0 43ms
42ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=2678979676560860&bg=!UlGlUQXNAAbEgrg45II7ADkAdvg8Wu_73T4CwOafi4eJVUE1SSv7Xn1ccqsgRjbbB02BSxlQYcdf5oFhJ1X7KAo1EGPe94UIEvECAAABE1IAAAADaAEHCgBrhM_pibhSetGPkpxBQgjGSX3qIxP2OeAiFtrJXFYKY6mklJU2p6TM4HMpTaLESEih18387xx8n1dJMdaBMrS7gDxG8QeBjNJN5aCmPqgeGpON6aq8KzwXHDZHeAKCiGzt5zGIos6bRQHuHEWZAtuufkIyRjD4p3rvM8rLUbLKQEa3nS9iHhGcN3m3DIOTjEsqoe0JftuBOIDL7qcQp1PSlk9lDbhclDPt6c6jGp6d0lpCkYl0Y7rCNJYMR8pdbrNjXhSeMPW9VKShauDDWNYJ84Mac5Kb3gO-l9xiYmfk6BAEfcf-VSNWUIluqIwnmR29eEiB9lafsT6qP5ZpOlQoSGn28lDojHdNmVG1IZEqi8aNG1ACjOQyNyd5q23bhZ3xHQMxJHhsvoTUv1v41WfkbbIBMEINqr4nljp2ERxhtr9nMW2draERrnJ2IthgqdXcZ4_JFQOY6jfWQckp5THdsOlXIY0w_e7RMXoMemwg-pY8e40mYP1JKf-ytQ6Xo_Y-1dLxzFuQIZvfPagBE1Kw7IY_aGSzR2CLHOzcOcQ24NkvfO-FiB-ygGm4j4ITvx_b8S75l5YR4jq4y5ra7_PQLAFDdhaZKR68bnguqUICnuKjUX23XgbMDe1uzKA9Il80N3ZUbF9CC4zF2EPcO8cWVngJxp1XdY1lZ8KB9vFM1ZY-Rs2sYHvShlo7LfauwPr1JSjWKtTFLk1xM4geo29o4v5Qi6WCcAvlxGzEIYq3ysm8Xgm_FZzsJRrtgMs0ml2gWL4wwZrQmeKzaftMLGxarsyrYJF8sVenOtVPuIqtX_U3z3nGQjiqg8BERnQQPYo3aq16rwTJzrE5kXpl7p7l-B8992dtIEcWNgYzmgk2hmvn1JzBDH_4kDjSx4GV0r4D8Zx7fSjBz1IhKa_rppKS5QcV4moTJ4VHQbgKWACebHPjLCf-3oxAu6nV1ALjymc-kjEgVqwrWvh0olBuI0HYPNkMDQbJuFEYFGLuqfUdzNYVZF1-2QP8dECda9pkCHI_f-7gDqlL2hanlWNj01BVaSvci23LY8CL7OrPVuOzVpxNn9dQ1vDuPt29pEqdWdRddNRhEKf5Cd1zvlPhRnvKz_7wh24-8kT7Qg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A8D 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN0_p7yMtZM_cJ9S9x_AP-8OIUAAAAAA4AeAEAg&bg=!EBOlE0fNAAbEgrg45II7ADkAdvg8Wk0ltwu4tzassjYKz6G8-GPs7Ffi5p3ODPr-b-ZBKvaTdj4fbmLP_CT7HrDaS0fjKrFj9QMCAAAAV1IAAAACaAEHCgANaLqvxGUlp-X1eaM1CpkDPsZcqSc-QxBm7xE_4NMJ0vHQGp-b9u_cNH6YpBfocVCJ56AiCsOa35Q5STwvn7PkYue40q6H7DsU-Az_slRav3Si4CyvB_OoUTDVmnpWlw6rQ3by6un5dsSreSdWtR-4u4R6sQMlPEdCtSeC85qbse5DGFL54B1-Q9GvjflCvq6nqWDDy4cQ0bCXlovaesM-nDewGAEmH5SpthPwJa0tvsDF0quZeLFRWS1hXyZaEYQ1KpyjXXlsZCkGRjUypEt7_YpRMFuzlYNTiIFXtirxfPJXnCmKMYfkeDEDvyv_qRBFiIgzdAbDB_ZI6aVJcI-IXcf5rc_FEBuUcaTEWUb964XVTllt3in7F6K9UeSD_eMHmNPEmP36fi2MRNuTqerXVwhm1o4w7qJGvTiIkB-EbQsMLJKZmt9JkJV_Dyp8GFwH_H5k2wEI71hWcHc6h0myEWDQ4SnlVhSNh2tQXRn0iiHmddytZTksaYh5PJ41gI-mekB0MzA1ToZYXeYsOLTuyk0wnmuPwplksbpaPQlETbdLDJe2sdEnHnvKYZ-tlXap_VkC-gayDbXnk1_6Oa3qkLAbUrkudQ063PeCDVokjgt6tMhCIdaAHj84cnQUQ68VmInZdswp7qnT5jTbgpGy0HtT-SFCC49MdeZh_68zsf8HgNE262NaflLokiOmypVxAf5pVAiHTYhmI6TwgHTls76tKR-WAQllbsBeFulbxThCNkbDEF-gJgBq5pTl3WRN0fQgqTiNrWFf67L-uCf6VKjCANBVY344j0mX1n6JnPMVhGTKCHRcwd3qH6hsB9jaVMAVvo_fqxdz7z7MtmJXHgwpQmeJvW6AyawOUFyblLAjDqIJ8HuqKwDSEthdocXLrfY-hjEeLVZiVIOq0HD0p64euJC1XzW3JRITSKTddZkRlZ-DWVYYe47McqMBEaf-22vulzNrvIRUEmdFLkenl_TQBLnhE4ibMEdNj_8MQFcILpU5zjwFYDWbBU6X7aAsRlNdNGzH87xXTZ2q2TBokVYsQYVe0Nalz_IwS3QElhMrKoaMOtzoBuAiI-rgq2dOSI6MUVg7U3YPX4aDVWyDy9BaYcGCS6ULd5fpYfia

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:31:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA6E 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=2862631850982870&bg=!xsWlxZHNAAbEgrg45II7ADkAdvg8Wm55AKKH25nM0drSrOJggi4_SK9tAKJvWG2yKkP1DDgPca-iYtfNJvlXa6IUNMhacepGOAoCAAAAeFIAAAADaAEHmQLZG2Js4ihNwcZid-GIxaRH9Q1kllF4VF8tnqMLkoAiFyWHVNAkyAYuENbawa7gaPgQEdgbaE9TDXMtN4QerEJSDTaZqOpw1f1izbS97xxMbiK1wIeSd1HUIJ27M-RjWgOkzUbL3DMtGp9mC4_QsgppR6sr6In4FW9hJN1Byqf7bttKXlMKoG8exxsfmHcV3aXgtifaqgidzi_TJ2a8qDa57F0pSd_5Kh905camSG3pfd7-ws3ROQ-QNZg7GNe9-0vv_P7gcsHSpfH4nW3unQsV6YX7VGe0gcTPEoe-k2TR6kL4Rqmak1sZyPBpdLrv74zLhDYABzfXyELaxBVethVjfkEMdExSz6dEFPDutQGrmdeUK9y_ETrvqg1r47zgbglyRfGTw4vKzXU-OsVcpxpsYVPLxMyQ-O2omJ2SW4qTi881WiQCbIT4QYM1fcB6BFOaSL_uVLvK9dNzuAeLwCfPYDTE9LrFdFRdPRH2QShTCDl7iO3l52AVoRvfQ7xph6wyzPhIjT4a1rRhRCMojgsI9ZdDNKLy7wHOf9B7bpx_zq0RkS1ADzu3PtanxcVWXwwcQ1HxrvnLEVj9cioDgemcT-WNzc5XoRO0qFuYKlN23oCEpns7GwTOXS2U3V1jZs5Rbb-WgsD08FOAWx77IlhepNmSt4NY1caIwI0X4VFJd8W6kR7jdkOkU7Z0KK37ws-86FjbQnetafayWUrkgk5W-Kggynq-cMGP8QyPNEIYKRQZSTY3piZTMPjiLx7ImY2c6h3CNEcfOlyeJDNBR0k7DayeInplMeX3z2Mhwnk9UvZDfcpf1X9Ld_lfBRk3McFezOuHGlg4eFSEhc7KQEOR6d6VC9aejssSYHwMbR748Lfc-95RGSIUkecAHGmfk8HoMl24JX1GswPW8YhQUBQ0Lbm9etH0OQFMOo4Bx8Mq5TVsPkpYVMc_A-VY1oMfT4rtB_jOBp_DYxZB
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9C8 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-WLtntn-vvSMPF_ZBwHlO97zxIRjdMlZ-GL62yuBxrFnGTTCtVnfLLuMKDfg9o4ExEd0VUWss_Nn8sWReq-RECB6LwLPhCw9OE8c5CvlcbixzBRLFS5vvSOPIZ8utW6j4FL6kzA&sai=AMfl-YQIw075i5IyPv4qL-zul0PxcDTOERsCAVCggezA-Q_Hufv4oN1pbI6KpEECrtlRz2N1WgwEgOZXqgp2iozqRixXehXxwv-wrRKFs3WZUpM2gJZ9HYoWPua5n1XF&sig=Cg0ArKJSzKiYAPnjKLZjEAE&cid=CAQSPADUE5ymxub7nrsqe6rrH45xHakJl_55B5QfG1EVf2bh_Nmvi_xwUlNw7UaHWDKQQBtA3TJMHCZLUTgkCRgB&id=lidar2&mcvt=1000&p=973,935,1223,1235&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&vu=1&app=0&itpl=20&adk=4072839793&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680679919318&rpt=303&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:32:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9C8 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8174960948555&version=m202301230201&ct=76&x=1&cor=14982880467506176000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 07:32:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2320 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: scontent-frt3-2.xx.fbcdn.net
URL: https://scontent-frt3-2.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=GUpn1lBKHGIAX8w2mr3&_nc_ht=scontent-frt3-2.xx&oh=00_AfAavHZeMMqusNvGkp3cfckmEOWgGogoC-D1q2mjsGuYgg&oe=6431F9D5

Domain: external-fra5-1.xx.fbcdn.net
URL: https://external-fra5-1.xx.fbcdn.net/emg1/v/t13/7931410051516434586?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F01%2F%E6%95%B8%E4%BD%8D%E5%B8%B3%E6%88%B6%E6%8E%A8%E8%96%A6%E6%AF%94%E8%BC%83%EF%BC%8C%E4%BA%AB%E9%AB%98%E5%88%A9%E6%B4%BB%E5%84%B2%E9%AB%98%E5%9B%9E%E9%A5%8B.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbE7kdhVyKhZptnFqRniqips0qGH3DcheinAbivZzuYjSw&oe=642ED7D3&_nc_sid=698a6b

Domain: external-fra5-1.xx.fbcdn.net
URL: https://external-fra5-1.xx.fbcdn.net/emg1/v/t13/14069597498329024862?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2019%2F12%2F%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbFQmtolbGVhZujusfp5-e4dxw8TnC1OeaHFaFzr2oTOaw&oe=642EB5E6&_nc_sid=698a6b

Domain: external-fra5-1.xx.fbcdn.net
URL: https://external-fra5-1.xx.fbcdn.net/emg1/v/t13/18029814871319172731?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F02%2F2021-%E6%98%9F%E5%B1%95%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbFwPfrhYElYKdHkNcffQ0US-SwNrN020Jd5eZlyaW3RPw&oe=642E93DD&_nc_sid=698a6b

Domain: external-fra5-1.xx.fbcdn.net
URL: https://external-fra5-1.xx.fbcdn.net/emg1/v/t13/287068195877952849?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbEPwUVoYcTtxZ1PZsm3Uu74_LyljD_SQSpIentFRAN3ww&oe=642EBA5E&_nc_sid=698a6b

Domain: external-fra5-1.xx.fbcdn.net
URL: https://external-fra5-1.xx.fbcdn.net/emg1/v/t13/16052937817076775126?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F02%2F%E5%AF%8C%E9%82%A6-Costco-%E8%81%AF%E5%90%8D%E5%8D%A1%E4%BB%8B%E7%B4%B9.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbHf9bOxXpknrZ8-VqPKC23nSMqa_qqx8WFOAOca8faB8Q&oe=642E7B2D&_nc_sid=698a6b

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ99addxJAAj1QzyoPMi6XE&google_cver=1&google_push=Aer7DvIsDrIuwXIWLPEsNKq6R3NysGpEoNjVVUEAC6VzmJwlnqRTJc58T3OyVVHOEolvAABvTjeZqdJBUN__9dbJxsw8kEXaC3qJTQ

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2StLwAcTOrhKdw6zHgp7w_CGERILAzUzZxxNP0ZT7Xz5i4tBKm1X8dSWcZT3dg7r-6xJnfgnEb-EYIxawuVqfAF1Vex1jFH2H8m0d6liNb9v7azlBdfsIdDuPu_QpQdRGxi1iig&sai=AMfl-YSKlVBq19MpgQNtIe5QNgo84sGgjLaynpfn8CIPB0e7aC5kLP3cLJ6L46N0UgJT12rM9WDIV6Zo5BZY_ZXJpOV9rznRnJNnrcmplj875Z3dKAdeV3TQpaZ-X7f4&sig=Cg0ArKJSzC9gp_SQw47aEAE&cid=CAQSPADUE5ym-Vv4bSeI-AIQIFaeF_ecvEos-HC5cIh7fgVrXRNLAgvVGP7FL_84l6-OgoQNBz4_eqdw94D-6BgB&id=lidar2&mcvt=1000&p=973,365,1223,665&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&vu=1&app=0&itpl=20&adk=4136938775&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680679919333&rpt=428&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:10:31	Name: _GRECAPTCHA Value: 09AHugmmd6k5P-NQnouJei-322YvoxorTVYkzY1ibo3Vs2Yrbw8dlKavnDh3nCPp7pGnWGQ9HauSQh0s5mD7vhDX4
reurl.cc/	1970-01-20 19:36:55	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b219933f369afc36bf827259f57212d073d5d8d984e7236827842b3418d2960267003b59a53ffef00d0dd2f64fb826ac1c15c26d74dc1c239647d598a714971
reurl.cc/	1970-01-20 19:36:55	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b219933f369afc36bf827259f57212d073d5d8d984e7236827842b3418d2960267003b59a53ffef00d0dd2f64fb826ac1c15c26d74dc1c239647d598a714971
reurl.cc/	1970-01-20 19:36:55	Name: lang Value: tw
.reurl.cc/	1970-01-20 20:27:19	Name: _ga_N394QBRGC0 Value: GS1.1.1680679913.1.0.1680679913.0.0.0
.reurl.cc/	1970-01-20 20:27:19	Name: _ga Value: GA1.2.400798822.1680679913
.reurl.cc/	1970-01-20 10:52:46	Name: _gid Value: GA1.2.866425897.1680679914
.reurl.cc/	1970-01-20 10:51:19	Name: _gat Value: 1
.reurl.cc/	1970-01-20 20:12:55	Name: __gads Value: ID=8e44ecffb396e6a8-22ab1c067fdd003c:T=1680679913:RT=1680679913:S=ALNI_MZJUk-IBrDsXVNGQT5GzGjIv1CWag
.reurl.cc/	1970-01-20 20:12:55	Name: __gpi Value: UID=00000bd0c0ed12c2:T=1680679913:RT=1680679913:S=ALNI_MaOnsQf_PCZHTKcscxw3C05bbXbXQ
.reurl.cc/	1970-01-20 13:00:55	Name: _fbp Value: fb.1.1680679913645.809449101
.prnasia.com/	1970-01-20 10:51:21	Name: __cf_bm Value: N4hWpLbH7rdPOgjvSkBid8ei7HfTvF4gIxas88MHCYU-1680679914-0-Adpr5xCEY8K9z7/AWA8ZA6buIEQFdx3ZVxkNpgv/7+8d77OoFoWc41BfdTbMhl9Frv7bIxd+mh0x4QRmkXeFTY4=
.hinet.net/	1970-01-20 20:27:19	Name: uuid Value: 7e184910-e6d2-42d5-af0f-b286aa42108b
.reurl.cc/	1970-01-20 19:36:55	Name: __htid Value: 7e184910-e6d2-42d5-af0f-b286aa42108b
.reurl.cc/	1970-01-20 10:51:23	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 10:52:46	Name: _ht_a546ca Value: 1
.holmesmind.com/	1970-01-20 20:27:19	Name: P Value: 778703-OTzCXacBja87gspU8EFLEVrwJulfzGUO
.holmesmind.com/	1970-01-20 11:12:27	Name: Vision Value: 20230405-23:59,20230405-18,20230405-18,20230405-23:59
.holmesmind.com/	1970-01-20 11:12:27	Name: C Value: null
.holmesmind.com/	1970-01-20 13:16:17	Name: RK Value: null
reurl.cc/	1970-01-20 11:34:31	Name: CFFPCKUUID Value: 4961-QkSCRuKDSJ4MsGvFAi4i8BDG26MdeU49
.reurl.cc/	1970-01-20 11:34:31	Name: CFFPCKUUIDMAIN Value: 5137-5c6D4c5HKpa9BPIPmYghQwk3ZLHc39Op
.reurl.cc/	1970-01-20 11:34:31	Name: FPUUID Value: 5137-89e2f01c2477a11d3ebc28b658ba255223cc0b5ebd0a1faba657f0d36cd2915e
.reurl.cc/	1970-01-20 10:52:46	Name: _ht_hi Value: 1
.c.appier.net/	1970-01-20 19:38:22	Name: _auid Value: mY4trBDFDMKbaeAS7CMtZA
.doubleclick.net/	1970-01-20 20:12:55	Name: IDE Value: AHWqTUklIKhFHt1vvEr5crmsfsULyDo_y043JsQ6DyMDSYLr84lzsXv28zrW22iQEBc
.holmesmind.com/	1970-01-20 11:12:27	Name: R Value: null
.holmesmind.com/	1970-01-20 13:16:17	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 20:27:19	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 10:52:46	Name: _ht_50ef57 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anymind360.com/js/9479/ats.js Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cf544648701594965fef94fc7af3961.safeframe.googlesyndication.com
7e184910-e6d2-42d5-af0f-b286aa42108b.t.ssp.hinet.net
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
adservice.google.de
anymind360.com
bidder.criteo.com
c.holmesmind.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creditcards.com.tw
d5p.de17a.com
d881b7cc12b5b2a947657af9889f5d89.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
external-fra5-1.xx.fbcdn.net
fcm.holmesmind.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
img.gbyhn.com.tw
img.racingcharger.tw
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.turn.com
re-news.tw
region1.google-analytics.com
reurl.cc
s.ad.smaato.net
s0.2mdn.net
scontent-fra3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.ssp.hinet.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
external-fra5-1.xx.fbcdn.net
fcm.holmesmind.com
pagead2.googlesyndication.com
scontent-frt3-2.xx.fbcdn.net
static.xx.fbcdn.net
sync.mathtag.com
www.facebook.com
103.132.192.30
142.250.181.226
142.250.185.98
15.197.193.217
151.101.1.55
172.105.203.31
185.64.189.115
185.80.39.216
185.86.138.153
185.89.210.101
192.0.77.2
192.0.78.135
2.23.197.36
2001:4860:4802:32::36
203.75.214.136
210.59.219.181
213.155.156.181
213.19.147.45
2400:52e0:1a00::845:1
2600:9000:211e:4c00:1b:5138:8a40:93a1
2600:9000:2250:1000:3:1794:2540:93a1
2600:9000:2396:2600:0:e06c:e940:93a1
2606:4700::6810:5714
2606:4700::6810:fc04
2606:4700::6811:190e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:803::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9a
2a02:2638:3::3
2a02:2638:3::7
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.114.128.184
3.71.149.231
34.102.176.152
34.149.36.179
34.149.98.30
34.95.67.231
34.96.119.68
35.185.130.121
35.185.136.122
35.201.76.93
35.227.249.156
35.244.159.8
35.244.196.223
46.228.164.11
51.89.9.253
54.65.46.111
69.173.144.165
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809
0265a3323ee1813e0fa34a3da6b7711be8c3aafd86975c42e5d46cf77be45fef
02fb03a90ba8e768848eccdace513b8d3a36a2c29b5497a2b43662b09dd59eed
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0983e9853697bf4429ffafa69435006bac11a895b7823be4fd6caae32d677e76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14976c8ca12c8bd4c33d6aba0d8ff811c0fe350abaa4d94d72f241ff22fca3bf
14ef3b43995188b93e674bcc38243868e3515e285e5c6df129f1d84e50358752
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
1a11175b9e2a9c453a98d1036263cc1281b5605897e06bb011cc750e7bad3a73
1a150009598468073b136fa532fa59205d7a18b79c20e777e534e46165193dbf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac
1fd76c6002ab7e166ca87ee7accc673356d1ab6398d641ce792cd20e04b4f2f1
2778e8f426015e29c9a33c392e596ee8aa4caec40d5e22ec40b408ee0b0ef4df
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15
2e741e3e6d08ba44b9f033e6105b520106de2300fa686ebd673d91290badd53e
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
362de89bbfb9611beef7c2c3ccdb317cc4af2bfa53228e816469c45a40547de3
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
395834ce888977fab5c27173baad78496ebbce8540bd07a4c781ef3a54c52271
3a99644ac3b98f4a7d4a9e1eb1894af7ffe5883cad0ca2ec71fa9c3bd291b26c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d82b880e3757f72346f0922dffe9a481eeb222373b682e507ce17d208fa7c
3eb5dcd02d1ad69cb16154916a015071b1aa561fa96adc10eddcdac8329cbe17
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
465c56187a03836cf6d6259aba8013a71c7aaf6a041d27d7d917cd4089d2fa6d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
472fdef60a9c14dae3f16bc488545ba8ba1c728ced1bdc253362ffcb386d8d20
479448e7725806b27b5a3ed384da98482c1da3465d1979bdb81c69adaa4ddb4c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4fa50b79e19d74fe9b591e9db8dc8677dcee7f8d88678b31c5e205dbd86295
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
527c9d0004f0f6289d266e922af91ada1b9f29baaa5c5b7a7bb82e90d647a4fa
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ca1db7627a43046fe89e16e5b27c19b5e5a06e8bebf9167fe53732e2d41cea
5a449f86065b1da3e0a491a2f28a1a5c3d1bdea4489719b15dbc285e86ea2452
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5eeebeac1fee158e91552b54fd08b8d3db120dbe80ed09075135fa760415a3ba
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
638ccc49b336e2a78cfc6494f039ecc1a87e93bf500909d44ea7d9ed7ad08bb3
6704266b2bfce04a8783cfcc06e1d2263474815e1763acca8551fa8fe3cfcc10
6855a94cf8a240cdc15f85e4b931d3c41abae30065ffb8425d5ec039d97a75bb
69250360309188fa8edcfa7f60a013f312013d0a38b59b333cb36c1387e3ace4
6ae217f7992ca44c6420e240cb46727f6a189ac102eef6b6d94d52e28fab6139
6b6fa5681244521cbfc6805dd31d6089a34ba51f94e6d9d30c8e412d21484453
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
727456104982ee9656af33c88ff09b800de852444c31e78f295638b31925bea9
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5
75f1fbf75f7545d4cba1d526e4b6f28310e21b56163fdf39a361bac232ca3ec1
77f6ce97ecb9856cc270cfeb0a077095667f4f47fe26630994e82bfad3619a26
7b2bfc37e0b68001b27c4ffa74191320a3a2ca08ac1ca6539a680e13848b673e
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
828fcedb9def4ac9f1481a4df43378a24d01d2080ca976c14eef797906bbdbbb
82a384f2d6e44c37988383d6a50c45f6e5f54fffe963cc8a4081ba438e93c3a4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8bb6ace1e4ccd1e39830827276afbd4e65b57815b2039e89772accc3e6450054
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
91226d544fb70382cf764a6a42a38f9231a983b6e200c8461f216d4bdadd8860
92f417353244bcbcbe333268dc2c44e69066c723dffe204bcda3bbe5048fded3
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
961e7fc98e9ef9afdf6f8b408627056f3402c1866499668ed6c99beb58c3aa35
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5adcb9b89d01887d9c89f5f6b6ce9463732a74b4e39e84eed3ead802009a49
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9ce3677863b62f41e2055b944580d48783f79b1dbdfe76948d5fe22e75ad0caf
9cea8bf1b593007a1a8b4ae46c4781cbaa12670e8fccd253d787125eea07b2b0
9dbef35ab8a437e0f70ee218f392594fdeea97afac65f192e888e5bcdb242c8c
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61cb8086f55d84a3ff8b152c11c8a21df98355e6e4e6bd89807fa32f6060ba0
a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a91751f1f02d78175e9cd38947d12745be0260d4e39ae65b4cb8565428d8f760
a921249405e6a7a59db559662834239567b64a6356f88aff8c02a4949ff0080c
ace598cef1d9acffd2c90a3b1ef06d74eeb14e8aab559ea69af6d6d7af5ad199
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b356b30f869c97834461915d72eccd69f2461568c372bacc3a36bf2ed803b0fb
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b93562203caabcae655710b1c3675ea904561c704ba66b73356ca7d38c2ddca0
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c0eb71eb9e59fcfd95ac487432f156896c46c9e1e1c2e7d09c053e5d76acad09
c257462dff7f2814faed1219b90b0f9aea60e2f6c0694c514a1a65891c28913e
c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff
c4f98c649b23ea92015a5d93f2499a91585972463231bbed65eaa432716086f9
c6105837ad333d7fc10554e0345322cf3048c5bf3434c049542ed22726a55ee3
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
de1fd422a1243bd2d255755467fc11f395000fbf42bcdc988ffa266437560094
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
dfd5831029e8ce345c31145770e98fd8fed9b4d4fa0d2ad70adc77c5942b70ab
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e28a14804045f708324e50a61eafd1e6de85b8e0e2a2106c546f60388657ce08
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e714c5185d63b672a0cf9ad0cf88a0c1a64b12b32351946bd1d5bc76f28fd084
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ea729704c1d680074fde37c8dc5ea5ded171cfe5ead33a7c59e4509ad64b726b
eb32dfcb968c26d30aa8af0a6c66b004c617d2f4832449013c80752eaab0b366
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f2fe3fc8b47fadd0bdc08f66cbf28173f433d5879c1714432a5f041b169635
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

309 Requests

88 %HTTPS

48 %IPv6

50 Domains

76 Subdomains

59 IPs

8 Countries

4464 kBTransfer

9774 kBSize

30 Cookies

23 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

88 %
HTTPS

48 %
IPv6

50
Domains

76
Subdomains

59
IPs

8
Countries

4464 kB
Transfer

9774 kB
Size

30
Cookies

309 HTTP transactions
3 data transactions