Submitted URL: https://reurl.cc/
Effective URL: https://reurl.cc/main/en
Submission: On April 01 via api from AU — Scanned from AU

Summary

This website contacted 45 IPs in 6 countries across 32 domains to perform 258 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 304750.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 35.185.130.121 15169 (GOOGLE)
6 104.16.87.20 13335 (CLOUDFLAR...)
2 34.149.98.30 15169 (GOOGLE)
9 142.250.4.156 15169 (GOOGLE)
20 203.75.214.136 3462 (HINET Dat...)
1 172.217.194.97 15169 (GOOGLE)
1 1 138.199.46.68 60068 (CDN77 ^_^)
1 104.17.24.14 13335 (CLOUDFLAR...)
30 13.227.254.48 16509 (AMAZON-02)
11 142.251.10.147 15169 (GOOGLE)
37 157.240.235.1 32934 (FACEBOOK)
9 74.125.200.94 15169 (GOOGLE)
1 35.244.196.223 15169 (GOOGLE)
5 74.125.24.138 15169 (GOOGLE)
6 157.240.13.35 32934 (FACEBOOK)
6 74.125.200.156 15169 (GOOGLE)
6 52.194.43.130 16509 (AMAZON-02)
1 34.95.67.231 ()
1 4 35.201.76.93 396982 (GOOGLE-CL...)
4 18.155.68.87 16509 (AMAZON-02)
1 104.16.252.4 13335 (CLOUDFLAR...)
1 172.67.150.31 13335 (CLOUDFLAR...)
1 192.0.78.135 2635 (AUTOMATTIC)
1 172.67.178.125 13335 (CLOUDFLAR...)
1 34.149.120.3 15169 (GOOGLE)
1 34.102.176.152 396982 (GOOGLE-CL...)
1 35.185.136.122 396982 (GOOGLE-CL...)
1 192.0.77.2 2635 (AUTOMATTIC)
3 74.125.130.154 15169 (GOOGLE)
5 172.217.194.157 15169 (GOOGLE)
2 157.240.8.23 32934 (FACEBOOK)
4 54.178.144.59 16509 (AMAZON-02)
4 103.132.192.30 138552 (RTBHOUSE-...)
6 12 34.96.119.68 396982 (GOOGLE-CL...)
6 6 172.104.45.159 63949 (AKAMAI-AP...)
1 74.125.130.94 15169 (GOOGLE)
5 142.251.12.94 15169 (GOOGLE)
2 2 142.251.12.157 15169 (GOOGLE)
2 35.227.249.156 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
2 210.59.219.181 3462 (HINET Dat...)
4 182.161.73.145 ()
6 172.217.194.155 ()
2 74.125.130.132 ()
11 74.125.68.132 ()
1 142.251.12.132 ()
2 172.253.118.95 ()
258 45
Apex Domain
Subdomains
Transfer
51 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 136332
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 196998
fcm.holmesmind.com
c.holmesmind.com — Cisco Umbrella Rank: 103184
adcdn.holmesmind.com — Cisco Umbrella Rank: 147657
ad.holmesmind.com — Cisco Umbrella Rank: 99288
m.holmesmind.com — Cisco Umbrella Rank: 278361
243 KB
36 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 760
scontent-syd2-1.xx.fbcdn.net — Cisco Umbrella Rank: 42202
external-syd2-1.xx.fbcdn.net Failed
590 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com
tpc.googlesyndication.com
366 KB
20 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 79559
17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net
23 KB
18 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44243
gocm.c.appier.net — Cisco Umbrella Rank: 2331
3 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
353 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
617 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 90
83 KB
10 reurl.cc
reurl.cc — Cisco Umbrella Rank: 304750
storage.reurl.cc
39 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
52 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
127 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
4 criteo.com
bidder.criteo.com
1 KB
4 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19777
681 B
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 111070
www.google.com.au — Cisco Umbrella Rank: 22017
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
91 KB
2 googleapis.com
fonts.googleapis.com
2 KB
2 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 74829
4 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
80 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
32 KB
1 ampproject.org
cdn.ampproject.org
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 980
462 B
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3491
622 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5346
195 KB
1 rayskyinvest.com
www.rayskyinvest.com
41 KB
1 racingcharger.tw
img.racingcharger.tw
96 KB
1 creditcards.com.tw
creditcards.com.tw
76 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
80 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 915285
97 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
5 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11957
726 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
81 KB
258 32
Domain Requested by
34 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
30 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
17 t.ssp.hinet.net reurl.cc
cdn.holmesmind.com
t.ssp.hinet.net
12 ad2.apx.appier.net 6 redirects reurl.cc
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
reurl.cc
tpc.googlesyndication.com
11 www.google.com reurl.cc
www.gstatic.com
www.google.com
tpc.googlesyndication.com
10 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
9 www.gstatic.com www.google.com
www.gstatic.com
9 pagead2.googlesyndication.com reurl.cc
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 reurl.cc 1 redirects reurl.cc
6 gocm.c.appier.net 6 redirects
6 cm-dev-poc.holmesmind.com cdn.holmesmind.com
6 www.facebook.com reurl.cc
static.xx.fbcdn.net
6 cdn.jsdelivr.net reurl.cc
5 fonts.gstatic.com www.google.com
reurl.cc
fonts.googleapis.com
5 www.google-analytics.com reurl.cc
www.googletagmanager.com
www.google-analytics.com
4 bidder.criteo.com static.criteo.net
4 prebid-asia.creativecdn.com cdn.holmesmind.com
4 ad.holmesmind.com cdn.holmesmind.com
4 adcdn.holmesmind.com cdn.holmesmind.com
4 c.holmesmind.com 1 redirects cdn.holmesmind.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 connect.facebook.net reurl.cc
connect.facebook.net
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
2 prebid.scupio.com cdn.holmesmind.com
2 static.criteo.net cdn.holmesmind.com
2 m.holmesmind.com cdn.holmesmind.com
2 cm.g.doubleclick.net 2 redirects
2 scontent-syd2-1.xx.fbcdn.net www.facebook.com
reurl.cc
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 storage.reurl.cc reurl.cc
1 cdn.ampproject.org securepubads.g.doubleclick.net
1 c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.com.au reurl.cc
1 17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 i0.wp.com reurl.cc
1 re-news.tw reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 fcm.holmesmind.com cdn.holmesmind.com
1 storage.re-news.tw reurl.cc
1 cdnjs.cloudflare.com reurl.cc
1 cdn.rawgit.com 1 redirects
1 www.googletagmanager.com reurl.cc
0 external-syd2-1.xx.fbcdn.net Failed reurl.cc
258 54

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
aiieyes.com
re-news.tw
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3
2023-03-23 -
2023-06-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
storage.reurl.cc
GTS CA 1D4
2023-02-27 -
2023-05-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.t.ssp.hinet.net
2022-04-14 -
2023-04-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2
2022-05-19 -
2023-06-20
a year crt.sh
www.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-08 -
2023-04-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
storage.re-news.tw
GTS CA 1D4
2023-02-12 -
2023-05-13
3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-08 -
2023-12-08
a year crt.sh
*.gbyhn.com.tw
GTS CA 1P5
2023-03-29 -
2023-06-27
3 months crt.sh
tls.automattic.com
R3
2023-03-24 -
2023-06-22
3 months crt.sh
*.rayskyinvest.com
R3
2023-03-09 -
2023-06-07
3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-05 -
2023-09-01
6 months crt.sh
re-news.tw
R3
2023-03-01 -
2023-05-30
3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.google.com.au
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-24 -
2023-06-18
3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA
2022-09-26 -
2023-10-27
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-13 -
2023-06-05
3 months crt.sh

This page contains 31 frames:

Primary Page: https://reurl.cc/main/en
Frame ID: 25AC7C6036E9E2AFB49803C267B5C933
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 2E2AA9AB723EBAFB565695FDD7A73CAD
Requests: 49 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 656BC34450179E6E1F57EC87A2E4148E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 238A92A62ED442FEBC30849E832120CE
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: FB39719C7205A47CC493F8C66905F2A2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 8734974F231C1BB9BADBC64C57FDAB29
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 052CF4E3157F9A3302FB616339304B9A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 517324D8AD9D7341458BFEE62EC96C89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680325961&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680325960992&bpp=3&bdt=1324&idt=551&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6961527917306&frm=20&pv=2&ga_vid=466576723.1680325961&ga_sid=1680325962&ga_hid=1140901553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073378&oid=2&pvsid=663630694246745&tmod=1065103896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=576
Frame ID: 05E6B443CD304C060DF6DDCA91071767
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Frame ID: DD827A17CC739A109BFF203916156B3B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: E5336EB9B1F959A7383739BC7A6C77E8
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: CC299431BA699FB1AD7694682B205B91
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 99A199026C90AAE8236B4509E3F809CB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Frame ID: EF77E8B6FDABEE80679CADB6264AD385
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: AEA843B546DBD70A92B4CDB5E00D85B8
Requests: 17 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Frame ID: 881CCAF562B1847DD44E0B6325C85E70
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4687E198814F533B2542EDCDC798CB34
Requests: 17 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 677F9A0D49C44AFA24EED87344ED804E
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 54A7DDAB971BBA0EDC70C3EAEA3A3449
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: D1D55190B772867FE1DCF94EB5528C59
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DB9F1C95EB140E7399DA86A8ABD56F86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C6C9BD496053319C15921043B3389D4A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BE37139C50D8127DB636F15C320723F2
Requests: 8 HTTP requests in this frame

Frame: https://4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 441AF26858533E578C1C0664DE35B3AF
Requests: 1 HTTP requests in this frame

Frame: https://c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 6271DD90AE00E5FC1D4C791B1A20D829
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Frame ID: 2E4CBBF00E0F69C59D6A0153E3F2613E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 757D1960FDB1606FC62A18F506CFAA20
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E85D279DB59087313461DB0958A78D84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 912C97E25918D00BE42C921947637091
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29C7D697C682ECD46EAD077D35EB5920
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Frame ID: 0D3BF0E072ED19A5AAEF4BC9087E5D3F
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

URL Shortener - reurl

Page URL History Show full URLs

  1. https://reurl.cc/ HTTP 302
    https://reurl.cc/main/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

258
Requests

87 %
HTTPS

0 %
IPv6

32
Domains

54
Subdomains

45
IPs

6
Countries

4018 kB
Transfer

8831 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/ HTTP 302
    https://reurl.cc/main/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Request Chain 36
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 98
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Request Chain 99
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
Request Chain 186
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Request Chain 188
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Request Chain 193
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Request Chain 194
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

258 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request en
reurl.cc/main/
Redirect Chain
  • https://reurl.cc/
  • https://reurl.cc/main/en
14 KB
5 KB
Document
General
Full URL
https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a794fbaadb2023fbd4b9627c15e5dd46cbfd88d6b889afa79bfac018c1af9d7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 05:12:39 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

content-length
31
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 05:12:39 GMT
location
/main/en
server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
802933
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46ALNH2Rk8ruOcqNVLD4hurMul%2BMI%2BvWy6%2B%2F3uBspBxui6pS%2BRzsuPGqpBybZo76DXuSBAyy8NcuMqpoL6iiL0ZXvSjm8fCv0ESOij4qhKh4WhM%2BL2LV5AIeh0UXECqavik%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0e56a18feda835-SYD
style.css
storage.reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:10:15 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
145
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=28800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
918
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
d352378469bf1a7557278d791064f7dfa7d9b39e7762b0344fca2028cb8b098b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Origin
https://reurl.cc
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48339
x-xss-protection
0
server
cafe
etag
2588514286160299162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 05:12:40 GMT
pixel.js
reurl.cc/javascripts/
429 B
524 B
Script
General
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:39 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:39 GMT
utag.js
t.ssp.hinet.net/
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:41 GMT
js
www.googletagmanager.com/gtag/
235 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fdbd7d1b7a9ab3237ec3d3096ddfd6e57246c21290abad11b4cd5696582074c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82154
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 01 Apr 2023 05:12:40 GMT
clipboard.min.js
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain
  • https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
  • https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
11 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
286105
x-jsd-version
1.7.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4550-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClkhuOuvm2pyrf%2FN3%2BmUi3hU4uV7lASpfpN5DuhDTf%2F7a%2FoQtLMRqeZYzZfRm5CpfC2DQmB%2BX%2FrpM4dKdtpyClNPUYFjxFrevrz%2BuiCur3JIZRzSkS4xfZaYB7oHkYIN8nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0e56aa481ba8c5-SYD

Redirect headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
868
age
3055
x-cache
MISS, HIT
cdn-cachedat
04/01/2023 05:12:41
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
113
x-served-by
cache-fra-eddf8230071-FRA, cache-chi-kigq8000118-CHI
server
BunnyCDN-SG1-868
cdn-proxyver
1.03
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
29f2c1905bc2ebff227a71d2600ebaf9
timing-allow-origin
*
cdn-requestcountrycode
AU
cdn-status
301
cdn-requestpullsuccess
True
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7287851
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4224
last-modified
Mon, 04 May 2020 16:06:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6a-3580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeupUkXpOa2qOxw%2Ffx1uVvU1GMf0NZ7IqCcCnQ6MHt9f6G3jqDxFoh%2BfKg5hlztrsRXcanaMLkC%2Bmrt%2Bdufdiq7gtIdc3m2wso5UcpMQ%2BCnVo3%2FmJzlTlC7KxuqM1UK3Nyf%2Fgkav"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b0e56a448ffa974-SYD
expires
Thu, 21 Mar 2024 05:12:40 GMT
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@9/dist/
66 KB
18 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
9.17.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230045-FRA, cache-yyz4552-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YPEZT1tsBMmKhxjFn6rsw1F8uP1xOFfiSwKPcp%2F95kiROsppUA2TsAihb0KOhJ0jGpVVjB0lJCQXY4QpeM5x8RCe24E%2F2Yw07Kmng9yZ9EZ8zuutYSKClIbGK9cGp0L4kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0e56a3092fa835-SYD
FileSaver.js
reurl.cc/javascripts/
4 KB
2 KB
Script
General
Full URL
https://reurl.cc/javascripts/FileSaver.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-efa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
03e8ad03b544f04661b5c5d7608552a26d56e30968072f81ab1b58b05c5e742a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48366
x-xss-protection
0
server
cafe
etag
8805497498132641959
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 05:12:40 GMT
aieyes_720x90_1.jpg
storage.reurl.cc/images/
24 KB
21 KB
Image
General
Full URL
https://storage.reurl.cc/images/aieyes_720x90_1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
40d0de6c923c31f8df453337e0539edfc00a4a4a02ca8fcd84282ce328a76e92

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:10:17 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 06 Feb 2023 15:10:38 GMT
age
143
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
cache-control
public,max-age=28800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21655
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/
86 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3270770
x-jsd-version
3.4.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230115-FRA, cache-yyz4533-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXXzRkLzmaE%2BS7Fy6KgVIGuD3vzSJCv20F%2F%2B7n6cQeT9aqcHv0zpjq7yiIxjiqkXKXKdX%2BKkPHzF8CdGmqT2SuzgB7SvtAfKPDCTbgyX7CdrmYoyLdZM8JBaHVy8xXha%2Frc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0e56a258ada835-SYD
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/
59 KB
16 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3228963
x-jsd-version
4.4.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B6P%2BzOrk5hDjEDQ5qXMYmfoH923%2Fv8MezlDLoqD3sQ9bLPjHQ7Zf%2BzWYMkRXf5nZf7MzS2gXyT%2B6nyV4vzG5UM2aeeAbP%2Bgme4Urcm6fNwEXZO9ACZ3nQIzR%2BoPq7NbZ3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0e56a2f925a835-SYD
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
433299
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeLDkF7UoovqlQY%2FAeGvGdy3rfa37ZrX0FS76K5nDFZrBdE8FLwkEOPLg0Mpaw59Oae39AssA9i1fg%2B8BZM7GIaYS%2B7hZGs8BLxNEhCDLdAXan7w6X5UbfmiRDTIaxpwHZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b0e56a3092ca835-SYD
init.js
cdn.holmesmind.com/js/
17 KB
17 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date
Sat, 01 Apr 2023 05:12:36 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
5
x-amz-server-side-encryption
AES256
etag
"5f199ebe685ea58160019a49b75a72c9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
16908
x-amz-cf-id
M5asrP2cQ_zbEpzoQYl4i0oXj_70o8uUOyG2YXLtlj-nNVEgN67G5w==
vue-qrcode.min.js
reurl.cc/javascripts/
18 KB
7 KB
Script
General
Full URL
https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-46e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:40 GMT
api.js
www.google.com/recaptcha/
852 B
879 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
ee49cb23b0d017ee581357ad7e62cd125a41509c1c0d1543d731f48c6022e66d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
559
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 05:12:40 GMT
main.js
reurl.cc/javascripts/
3 KB
1 KB
Script
General
Full URL
https://reurl.cc/javascripts/main.js?v=15
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
last-modified
Sat, 01 Oct 2022 01:29:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"633797fc-bce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:40 GMT
renews.js
reurl.cc/javascripts/
412 B
493 B
Script
General
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:40 GMT
ga2.js
reurl.cc/javascripts/
536 B
550 B
Script
General
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/main/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 31 Mar 2024 05:12:40 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 01 Apr 2023 05:12:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
V3ASnbMn7JtHkHELfS2czxBpGiEXCuufMW7PJ4FvwtVFvZ5Wood7ATxeNc98ryT+q6JyAssnQicu08JEAhoULA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Origin
https://reurl.cc
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166464
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:21:29 GMT
feeds
storage.re-news.tw/
7 KB
8 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
2f6c4eef1c3efc8673cf409110ca75fe96ad43a3d4a7fa049a41872b30186c38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1d45-dctewKpkXFWMkvGTxu5Exy6myrQ"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7493
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 04:31:18 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2483
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 01 Apr 2023 06:31:18 GMT
page.php
www.facebook.com/plugins/ Frame 2E2A
97 KB
27 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
38bf6598faa4b9c7c37f9e8005ea21f722b9517fbbe2b0689f9ca00ad309d47c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:41 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ghu+EK1UnsdCbVARn9eMUAMa3EeNGqtlxyJodnpLaJm1bkcDo4SbM4twmrz9sQG4MJ+BMtynrOjgBKA/OcSDtA==
x-fb-rlafr
0
x-xss-protection
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 656B
7 KB
8 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
50
content-length
7381
content-type
text/html
date
Sat, 01 Apr 2023 05:11:57 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Fri, 31 Mar 2023 15:21:45 GMT
server
AmazonS3
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id
vc64Qp71wr0zS7dpxSFoiWVIEcmI9nk7bCnu9AACe-1d21gq3rdmyA==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/
662 B
1 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
6
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
tH4uP7CO1ayRFDTF_112Wyi34ciTxXPycPhHiJR9XhzRz8aq9bsVnw==
presetfn.js
cdn.holmesmind.com/js/ Frame 238A
15 KB
16 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:28 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
12
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
FecNmo3GUU-IEJ1DTb8inYxj4HEbrpGngS81hEdvTcgF23DTAB1Vgw==
presetfn.js
cdn.holmesmind.com/js/ Frame FB39
15 KB
16 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:28 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
12
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
9Ignv4SRtKh9voH-JA0-jCxKXGUCAe5Q6U-3vCLJdqc9dzTJ7cvLvQ==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/
350 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
adfdffd27a3849c62169200dc83c9d8e535613e960adf14566f65ab109d9678b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119834
x-xss-protection
0
server
cafe
etag
5457128697396451250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 01 Apr 2023 05:12:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 8734
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
7872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 03:01:29 GMT
etag
2378337311435320485
expires
Sat, 15 Apr 2023 03:01:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1675200226052423
connect.facebook.net/signals/config/
150 KB
41 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 01 Apr 2023 05:12:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42315
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
WuF5pZtocRF8jBNcWNzSlvyU0LvY+Zk1kNi8mGuHr3JDDdgLIetJ7EJ+sYKEW42CFPCm1xyA1oc2GMg8YWOJKA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 052C
0
218 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 05:12:41 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 5173
332 B
482 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 05:12:47 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 656B
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:41 GMT
cm
c.holmesmind.com/ Frame 656B
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
508 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Sat, 01 Apr 2023 05:12:41 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 656B
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/g/
0
166 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je33t0&_p=1140901553&cid=466576723.1680325961&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680325961&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 238A
536 B
632 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:03:06 GMT
content-encoding
gzip
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
575
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
JN1tDgL081tTmbfXvg4Pr8CKXRYeGMjpQ6h2gRbjz83YkXDbofm-dQ==
Preset.js
adcdn.holmesmind.com/adserver/ Frame FB39
606 B
647 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:03:06 GMT
content-encoding
gzip
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
575
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
GLkESN1IGoY5ICQQLKt1mLFrTpJfwBce3WzZ7svU5kqev9qJOCZpOg==
Dr_Pradeep_Dr_Arika.jpg
mma.prnasia.com/media2/2045071/
96 KB
97 KB
Image
General
Full URL
https://mma.prnasia.com/media2/2045071/Dr_Pradeep_Dr_Arika.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.252.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e6308b7ee169eb29791819a3e85f47fc7517fa45afa6d031b147a0d5bae2b25e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status
HIT
age
34889
x-powered-by
ASP.NET
server-timing
intid;desc=efcd6de5c39a4568
content-length
98284
cf-bgj
h2pri
last-modified
Fri, 31 Mar 2023 19:31:11 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
7b0e56aaf864a820-SYD
access-control-allow-headers
Content-Type
expires
Fri, 31 Mar 2023 19:31:12 GMT
1680269913-5ee6808f8b90abcba2439ba5842c4a5c-840x525.jpg
img.gbyhn.com.tw/2023/03/
79 KB
80 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2023/03/1680269913-5ee6808f8b90abcba2439ba5842c4a5c-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13cf50d039aa8a07ee03865eb8d18b5d9a026126454714d7934ecbc444effd9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15285
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81264
last-modified
Fri, 31 Mar 2023 13:38:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2Z2HA0K3EJauZXKcOUoNcDROmfahTQisif%2FSfOLCdau9xdJ1DaQaxtIA%2Fi1Lr7hIHYUpJA0o%2Bx%2FsDt3p6vhfrN1XToQb3gQwamre7AW0Kn0zWHJNKYdBSUPxzGtrh%2ByI%2FOE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7b0e56ab5dea5581-SYD
expires
Fri, 07 Apr 2023 13:41:25 GMT
2021-%E7%8E%89%E5%B1%B1%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2021/02/
75 KB
76 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2021/02/2021-%E7%8E%89%E5%B1%B1%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ed4a43e0f2d9c8c6f9f81f98134586752936ce086697ae39d5ff849df237ca75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.syd _atomic_bur BYPASS
content-length
76986
x-nc
HIT bur 8
last-modified
Fri, 04 Feb 2022 06:55:42 GMT
server
nginx
etag
"351d22c20a1d2ac4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:55:42 GMT
2023032913521492.jpg
img.racingcharger.tw/wp-content/uploads/
96 KB
96 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023032913521492.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.178.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db0e1f96890dfbbbfd8f552577cac8d05ad77a021d1b7a2d14da1e0ff02ee9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 13:52:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2913
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nc92pHVldGArWMfuhPnBLDOonOUDkM7D7N%2BlRHIIXjy92Np4uyLR68xYluMRD0KT6t5I0MtL%2B3TrIUN2sI9qBQKUTeOCFfswkJmYc3lb1bu5eUJGPohF5Sm4jeNn6yyMhCy9Zb2Hqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7b0e56ac6b7ca962-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98176
%E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2023/03/
41 KB
41 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/%E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.120.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
3.120.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sat, 01 Apr 2023 05:12:41 GMT
expires
Sat, 30 Mar 2024 15:16:22 GMT
last-modified
Wed, 22 Mar 2023 14:17:42 GMT
server
nginx
etag
"641b0e06-a41c"
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
42012
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/
194 KB
195 KB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 07:41:49 GMT
via
1.1 google
server
openresty/1.21.4.1
age
1632652
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199163
wix-tracer
2MwzD7yZ6LtbaBhyslbk5cABy1w
x-seen-by
image-manipulator-5fdcdfd696-hkqk2
renews-title1.png
re-news.tw/images/
24 KB
24 KB
Image
General
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/
621 KB
622 KB
Image
General
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc
HIT syd 1
date
Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Jan 2023 08:56:02 GMT
server
nginx
etag
"a3380a855d512ea6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length
636186
expires
Wed, 08 Jan 2025 20:56:02 GMT
/
t.ssp.hinet.net/
37 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
23da6bca460f1bd205972b4ba6110fb6c31e2731b41cf59cdf756a629dd19903
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
collect
www.google-analytics.com/j/
4 B
94 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1140901553&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2116098208&gjid=1552120203&cid=466576723.1680325961&tid=UA-102456694-1&_gid=1836387400.1680325961&_r=1&_slc=1&z=127882741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
131 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1140901553&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MTczLjI0NS4yMDkuMTQx&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=466576723.1680325961&tid=UA-102456694-1&_gid=1836387400.1680325961&z=2123439524
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 03:47:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5087
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/
72 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 01 Apr 2023 05:12:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
U0Q5iZqtsk3afvQzQGa/MXAcbdZx00uOIT56g5GJWetEhzOkSXjeKgr6wrfJ/tU4FI3O9ap7zIVdPsNHxMEB4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
t.ssp.hinet.net/ Frame 656B
37 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1428e1bc09838ba1f051526c85ed869c50c04902807843084717a21cf830132e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=17c52f98-3b68-4d0a-89a5-c08001f24eed
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cookie.js
partner.googleadservices.com/gampad/
383 B
462 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-9999486404371312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
7f05353baa3e2dfc0ef79f7482ac4cd6e8af100ac91d9e4f99acb7d481836d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 05E6
603 B
239 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680325961&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680325960992&bpp=3&bdt=1324&idt=551&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6961527917306&frm=20&pv=2&ga_vid=466576723.1680325961&ga_sid=1680325962&ga_hid=1140901553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073378&oid=2&pvsid=663630694246745&tmod=1065103896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=576
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:41 GMT
expires
Sat, 01 Apr 2023 05:12:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
8 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&gjid=1552120203&_gid=1836387400.1680325961&_u=IADAAEAAAAAAACAAI~&z=923066155
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
104 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&rl=&if=false&ts=1680325961605&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1680325961604.1412548290&it=1680325961027&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 01 Apr 2023 05:12:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cTbBGs5I5HX.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ Frame 2E2A
20 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
4883c68c0f9c35d5c627c1c8e809b25d40dce3b0af37ac346c6587e8cd69920d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
N3D0ypMmq1H1d+3zpLnv1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5049
x-fb-rlafr
0
x-fb-debug
ihQ11wiehAuVlcKyS5W0wtmiES/mrx5ZYAi4HPg4vt3C6qSaJ19DfNQ6dusjgnpYpdVAZHlyqJnD7C4IkikSRg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 17:34:43 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 2E2A
2 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
Jm7JzfUYWxV1pstMP6Qh/CJDsMd/5B4XjfgYWqSR7JFM4LkfZ+wC9vAggBCcSIdNkmcEnDKHp/2moWs4DgHXTg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 17 Mar 2024 22:12:36 GMT
XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 2E2A
33 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
x1EIOauApyTRaW/nXejV3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6475
x-fb-rlafr
0
x-fb-debug
orHCeP6sZ73YwI8O764tDrSmsMDhWTu1ftMDtR70qi6B/MpSAYC6p2Ugx16Ce8uzhCnMIUI3BFVDBgRhJA1suQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Mar 2024 17:42:14 GMT
slynO9X9Ave.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 2E2A
18 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/slynO9X9Ave.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
a79ad475bdce90530467569d41f8319aea76030c5a4a52b30da61e2cd1d4d95a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Skj8CquJcAqvq7GvnFMiCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4754
x-fb-rlafr
0
x-fb-debug
K9BsAZDem3194XrX9G+JMQfO5YLlCFpZQtuJ9oZsLLar1yJdL7Z/aIiK8gKHmOzfbgMI3Cgu1ldMTN9bPAI1zA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 17:36:08 GMT
B3eazO-7VSi.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 2E2A
300 KB
79 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
87bae036cec691ad5dae2492440a08fe7eb4efbea0999e1e0d04f31b09218afa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3uvMDzNNpcr1XPHhWpBWXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81159
x-fb-rlafr
0
x-fb-debug
uCov0fpAblUHSB+pwFFe4PYojh7f/MP0btZjkc6PkHsMIbYW4NVBw45klOSGAVjxZOPRiEptBz/HKQvhRjvVdA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 23:15:09 GMT
cm
t.ssp.hinet.net/
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=17c52f98-3b68-4d0a-89a5-c08001f24eed
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net/
0
79 B
Image
General
Full URL
https://17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net/pixel?bd=17c52f98-3b68-4d0a-89a5-c08001f24eed&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sN8pzo7zgao.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 2E2A
38 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/sN8pzo7zgao.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
A+MHdwa4tQA5oSoFTbkTkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12398
x-fb-rlafr
0
x-fb-debug
VUI3AF555fzWdRyE3FZ5OH7WK0PqQE1+YleY5UMRNv61XA9efrwKPiL+Syr7gc2vnE6kWlETmAg/32PPhrYYfQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 00:11:46 GMT
x9ob8vCc1UZ.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2E2A
53 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/x9ob8vCc1UZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
x5WYKAb4xvJQC2ZYjHeJ6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16693
x-fb-rlafr
0
x-fb-debug
iPcOEcdvtFiPy237hRYI0mHyngn75Y7Zku2DFNiIiVH8pAfEn7Z5hoL/eOdvDOeJXzRJ7JR95P5/kud1BKbudQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 00:11:46 GMT
xdbAilr6t8l.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/ Frame 2E2A
36 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/xdbAilr6t8l.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
291ce914cec30326938e8ac7c3dfd589fd4b43aaabc4f3e9e0ca080451e5d8fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZXwLLV9DghbhOLccK8FomQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11637
x-fb-rlafr
0
x-fb-debug
UOxPSiBljqK4YmuNpj/LhOOnsVdErYzPmLI0/D0HVPgy0F59WdGw/eDKSd90RJwIB3SyFqVnZ2Ix8YD+XUyn8w==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 19:33:45 GMT
ojoHf9ItJgz.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 2E2A
13 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/ojoHf9ItJgz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uEx2jrC6dV45WuFXvcdqqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4628
x-fb-rlafr
0
x-fb-debug
AfsTEN00nuld6f61NVTnnQrRgAN/tY9AtkAr3+RtpcyqDabMOh5DWJX6AFk/vqHSOlFQHaZ6JD0kTwKXyM8cRg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Mar 2024 15:52:24 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2E2A
507 B
487 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
B4BMpDzMIqTrbnP2XK7ttXJjF80CjY4H0jorCDSFviPgbzL+ab3KezlWrsY0GgRRnmiT3vaSjWCHJ0EQKqIOXg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 20:46:07 GMT
9sOywqpYhAg.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 2E2A
188 KB
54 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/9sOywqpYhAg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
36852a83c051c63be0effce8c3d1cf9d2c9af7fde62fa4e6a544848abbb7d0fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cSUPkLxW5ZD1LhGB8zSpoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
55503
x-fb-rlafr
0
x-fb-debug
iYkqy3UOFhnkaT4EBX2UZ9DJrzFgaIvESJW38jyUVBo2rtFR5RIuoU2Pm1dBhXabyDeQwJ9v7BlAsJzpyvvDXg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 21:18:54 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2E2A
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
koakLGY1v5R2GWTxsSnA3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1615
x-fb-rlafr
0
x-fb-debug
Lt6mXEMpxZRafbmAzQK6F0f5Stj1ho5H2sgwkWQG5o86EARyvBY1nzhN2SbkLnaH0GELsco1ZOZ23NGwm6Y3hQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 20:41:24 GMT
hIjOy7dOACs.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 2E2A
20 KB
6 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/hIjOy7dOACs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
cbe3f8abaa9c986c3f25d246fea53f686a6086d15cc12cb2ac5e6c1e2940e436
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OhucS/ylDi7X8Jmr3OiEFw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5928
x-fb-rlafr
0
x-fb-debug
TfGPlJBWE2Tb2Wv1/9eJvEXW2aphZOAKqgrw3cdfoRAOWrmu8GjJ7r7ArkGsYWQZbyOtmsDRZqRy36wRdXCXNw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 17:34:43 GMT
UIbhq_otiob.js
static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/ Frame 2E2A
70 KB
21 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3oOhtKqZMFlIo76hdsg2Fw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20902
x-fb-rlafr
0
x-fb-debug
kZmaVwcrVLQvYXMmliOo4Oj9lxEmdgGpDQEl4Zbn6Kzz/1ig3QkNGCEt37p8B8nCUnBMuPuhS+VFFDAjRnRtNg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Mar 2024 09:43:53 GMT
Wtl6tMxz2hH.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 2E2A
27 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zreoT9hZjaMMYMRJ1AEzzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8978
x-fb-rlafr
0
x-fb-debug
uqf7SrEFgquIAhzwhellHcKYugI+eIe4lKvCZRcb2Yy0uWcYqvsu7n7VA77OlmteEm41yuF1sHzI0EHEYaHo7w==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 20:12:57 GMT
1_Vl38oy0lQ.js
static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/ Frame 2E2A
327 KB
77 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/1_Vl38oy0lQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
112a2742c1310aa69aeb3df0e402ea27ac342ce3c8db1d3850f53918af88fc5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PLwFzLy5A7zWIWnHgsJZKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78442
x-fb-rlafr
0
x-fb-debug
mshWOjWcUIplXj6ilhmoGPh/2wxLB+9Q91NOOGVzibtJjX6ufpkP4JRL6zvEQjbykkJkVkuvrQix/XbFZVvg9Q==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Mar 2024 19:46:57 GMT
dKGK0McILid.js
static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/ Frame 2E2A
408 KB
96 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/dKGK0McILid.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FIDgkDHR2kp2eF9oVexZ8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
98247
x-fb-rlafr
0
x-fb-debug
kIO+y4N9aqHPohMGeQ7F+BEy334WaPj+vNzfTZfyOIFr1HNZvtC4NaOIythKIC0DG3nPKtI5vLcEQQCkcd/DKw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 22 Mar 2024 04:39:43 GMT
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 2E2A
723 B
580 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
naOE1m8tmTZ0fVAYNsTRiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
387
x-fb-rlafr
0
x-fb-debug
b6+uJE6fAzC8G2qsZK/mHj83z3ZvTSB9dTBaQ8KDfvH56lbg7ANmpfy+L2VMC63d3uVf4RdYzDT7MjKUPGDXmg==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 23 Mar 2024 01:33:22 GMT
i2lDptKz9Lv.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 2E2A
11 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/i2lDptKz9Lv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
a78bd4eebe3bf86745ee9faff5d5927cd9fca6f69b074e586b66fba4df1d5684
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
c5gK3vcR/7DKDWQlkSHChg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3817
x-fb-rlafr
0
x-fb-debug
l+pYEaFfju8qgbPhvXdN1cvY3ViylYFEppBq0faO6dUTvnG3CwCrISnDcumD6egfbwDM9I/PwMj7MmamKjzKPQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 17:36:08 GMT
Y3wYBvmmno-.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 2E2A
27 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Y3wYBvmmno-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9899b870f85d5de6a82cb2d7b70afea5248f6854ee20ccdd2aab5a34c15d2a6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UOpXoxg48CU6LSVbbXc53A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7110
x-fb-rlafr
0
x-fb-debug
btHgWPgl/DMDJ9eUEUhFsZCHXCQqTThfEDuI3QGpLtweCFxg/jitPAohood+yJhvCAg5DRip8Cl8g6rx6rlZGQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 30 Mar 2024 18:01:33 GMT
UN3_PbR-HJ4.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 2E2A
21 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/UN3_PbR-HJ4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3uuABC/lnX9uyekO3Kn9bg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7104
x-fb-rlafr
0
x-fb-debug
nCcjrzJHjvocVyd832UmeIpjqsf3q2btxy5/TWh1IvAqndhxshTu6840fneXzkWQoipSRwXPoNzXLQKC9Zix+A==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Mar 2024 09:43:17 GMT
7TQpq0fzfu4.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 2E2A
2 KB
976 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TLChQoDhUYzpJFadDZTs1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
782
x-fb-rlafr
0
x-fb-debug
5mswcbNCZkvSCaXdzsHI8kbpilIbNYUfh8lQeq8gWl3+yjjS3/xOfAjpXhEt/5hfxnRHj+eLxs9KCQyojh4+/g==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 20:46:06 GMT
h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 2E2A
55 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lbhbphR1BNPxW6RqDJiiow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15174
x-fb-rlafr
0
x-fb-debug
hMaRyRMCUZOMb/9Dmzq7Mj8OtU582aciQInVIPHdz1bb22ROv3LS8o1/j9QrDT+qbx2zBczMtBodMwrVUwMbwQ==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 19 Mar 2024 17:02:47 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/ Frame 2E2A
16 KB
17 KB
Image
General
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=tqs3xfZM5UkAX-5FGu0&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfB4iCg8gVCPDyt7tcmFBe_qqx4aAZ-c0_6CXpdZt7WXew&oe=642D4B85
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum
1290236993
date
Sat, 01 Apr 2023 05:12:43 GMT
x-fb-trip-id
1527350943
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2E2A
1 KB
1 KB
Image
General
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=oqGaVj6vO6EAX_Ru9d2&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBRfUyYWL7ZAIcgV3VjcKi5pSPqtseAbuBddn0xWQLOOQ&oe=642C0B15
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Sat, 01 Apr 2023 05:12:43 GMT
x-fb-trip-id
1527350943
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
ads.js
ad.holmesmind.com/adserver/ Frame 238A
2 KB
988 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=324&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cb71d4020387c1cb7d70bc49ae11783f47a1bf619bb60ddf93855ba73378e68f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 238A
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
55
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
mopY3AAhHkeKRnj1O16wDWpeKAhadorFgIYDaWVs708zvZ3AH11M5Q==
ads.js
ad.holmesmind.com/adserver/ Frame FB39
2 KB
1002 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=693&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
30c1a1f1fc5c307021602584a7bfe5af655580484516b0f0bac662a2974ba8b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:42 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame FB39
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
55
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
oXdjvyIrltrs3Z-ovqrd2MFDAE-FBnryC193KQSCGwJXd-odaDTQTg==
appierV2.js
cdn.holmesmind.com/js/ Frame FB39
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date
Sat, 01 Apr 2023 05:12:01 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
41
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
2zsbhC8aIlo9H4oni5PTlGFsifqK9YINFAM6cnUfQQIugDs_epl1_A==
anchor
www.google.com/recaptcha/api2/ Frame DD82
48 KB
27 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
1380c84741adda7370ca6a12cdf5b945c5d09c3fdb22bb72de2140b1f1e69aa9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JJfouij3Q_PjE1Bn9J8Y7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
27125
content-security-policy
script-src 'report-sample' 'nonce-JJfouij3Q_PjE1Bn9J8Y7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
utag.js
t.ssp.hinet.net/ Frame 238A
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:42 GMT
utag.js
t.ssp.hinet.net/ Frame FB39
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:42 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 238A
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:42 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame FB39
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
2 B
169 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:43 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame FB39
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
2 B
139 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:43 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame FB39
0
171 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:42 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
ga-audiences
www.google.com/ads/
42 B
283 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&_u=IADAAEAAAAAAACAAI~&z=1963549756
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&_u=IADAAEAAAAAAACAAI~&z=1963549756
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame DD82
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:19:10 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame DD82
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166464
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:21:29 GMT
/
t.ssp.hinet.net/ Frame 238A
36 B
399 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame FB39
10 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=693&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date
Sat, 01 Apr 2023 05:11:59 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
56
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
0iuDTL7FFTqDdlbMiJZfvJndgBltftmZTfoNki-ONGgk6qgE3QEcUg==
drawV2.js
cdn.holmesmind.com/js/ Frame 238A
10 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=324&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date
Sat, 01 Apr 2023 05:11:59 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
56
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
TL02UfJXljNopjh__i9gTqKRKjaPcfwXazsU5SZAwCM9c705n9o-zQ==
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2E2A
573 B
625 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
1OhoGxQQSuEQieWAa7j+NRL1WFkJUqk3c0cpJMCDZBp7VL9EUXUoeysCqyQV8h3n1mi1JqUmLAwPd6JgsYN0FQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Mar 2024 19:40:33 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 2E2A
98 KB
23 KB
XHR
General
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU14E9kbxS0oG3S0H8-0KU3mwkE5G0zE5W0HUvw4Jwp8ow46wbS1bwzwqo2Yw&__csr=&__req=1&__hs=19448.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=MODERATE&__rev=1007227415&__s=%3A%3Asqfnw0&__hsi=7216945049755256630&__comet_req=0&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
0bf3b8bf5d162d75b078317a20d10ab6c4b9ba1b9d5347cb367d0cc28d1ef264
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
DPKl66TqxxyAGj8filaai3
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 05:12:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
XCN/m4av60CHbakzQTAbs63vmeI90XZYaqvhfdPBW40LPTjQua1lFJfVsxJMKED1KgDEUn7janCVe0D8sGONnA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 2E2A
907 B
1 KB
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
4017c8e6cb5b33e0d5426a26acc7b6a143ab5604bfb40790b6f5f44972882110
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
DPKl66TqxxyAGj8filaai3
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 05:12:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
3NhBa+ll79H7PbAqNTxhzDShfDmM3HCqaPiocBtfFRaG0sNVRhQ7vpKBsbc2LbC2CocVZIDU+0yIbk+u5Hk8mA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 2E2A
907 B
646 B
XHR
General
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
c2cf5c25d11c6ec293d0208f89d3a9ae98afdbaece2d151c8db460f81f6d1629
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
DPKl66TqxxyAGj8filaai3
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 05:12:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4XS9JM3a3M9/qY+0enIv/VdybuMshtuiosv/pTpFmz9XIfEvgHxE3TZixbNUKv6FB0fomDmwgVaQ6ImA07cHQg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 2E2A
12 KB
12 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-rlafr
0
x-fb-debug
inETg14PYdddgBQs1cfgqTs7HtKbbW3LrAiYtdiUuJddvWq7ALyMdizCczjJev57Mxs3ApM/d2OTV/9Pph6PoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Mar 2024 22:19:32 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2E2A
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
dajoDPLY2iyt85mnJmrx60L16il5cv/ZflcqvKK9BbAWLS0mHd4p8P+FtKJbMyQL1bKDWt0FsmcrywT7sh71SQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 18 Mar 2024 00:30:39 GMT
dswQVshrjuE.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 2E2A
343 KB
75 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/dswQVshrjuE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5HlEAsuzMIHfgLYDxtxKvg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76386
x-fb-rlafr
0
x-fb-debug
beJWfyFvCDVi00lT9RT+Me6JCrjFWR/QCfEko+gqbGgzaTdSNKMfeA6psLWvRd6YKCatzbuNF3MWgv912tkDvA==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Mar 2024 21:28:30 GMT
BqEjD1dj1pL.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2E2A
840 B
571 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uknKQ5sJ+8vBWLiIBWWBIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
356
x-fb-rlafr
0
x-fb-debug
eaIW1qO3PRnbZePjGIWeHmY7/7Xtw3zbQDX9wWGidCK1XF0d6xuVaHunpY42fnQsiVuRxxs1+MF6oG6/eAibrw==
x-fb-trip-id
548340344
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 21 Mar 2024 18:16:42 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DD82
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 01:17:30 GMT
x-content-type-options
nosniff
age
100513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 07 Apr 2023 01:17:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD82
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:08 GMT
x-content-type-options
nosniff
age
326495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD82
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:57 GMT
x-content-type-options
nosniff
age
326446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:57 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame DD82
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
f5a955b844dcf924eada41dc4914ff2ed7b5d503380f45b216f6b7ca43aa2e85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 05:12:43 GMT
bframe
www.google.com/recaptcha/api2/ Frame E533
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
19edd78ac137bab5143b6fce3d57467c5905674e29ae53e2d74b920e93cdfdef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K_ACMN7LISh9MDnW1cMCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1122
content-security-policy
script-src 'report-sample' 'nonce-K_ACMN7LISh9MDnW1cMCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 2E2A
198 B
254 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-rlafr
0
x-fb-debug
mLn5tvcgPDeJmZ6WhoJu+QAs5PUQBOx+HJ8kceOa8IMVEUB0Ysh8b0t7DYBPVdYDpPl4XrDt/+4PCz/TYI6BDw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 18 Mar 2024 01:09:02 GMT
init.js
cdn.holmesmind.com/js/ Frame CC29
17 KB
17 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date
Sat, 01 Apr 2023 05:12:36 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
8
x-amz-server-side-encryption
AES256
etag
"5f199ebe685ea58160019a49b75a72c9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
16908
x-amz-cf-id
pa2cV5Be43My4YPDjnhiUKwCRo9trBoNsHDchHl0xIurmomiYnd4fg==
init.js
cdn.holmesmind.com/js/ Frame 99A1
17 KB
17 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date
Sat, 01 Apr 2023 05:12:36 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
8
x-amz-server-side-encryption
AES256
etag
"5f199ebe685ea58160019a49b75a72c9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
16908
x-amz-cf-id
GNPUj7c-hcC0sonatMdEzAulHVteabGhdS329X3P3192F6NBo6xK4g==
styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E533
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:19:10 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E533
407 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
330674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166464
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 00:02:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 09:21:29 GMT
/
www.facebook.com/login/ Frame 2E2A
0
0

/
www.facebook.com/login/ Frame 2E2A
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 01 Apr 2023 05:12:44 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
hivtLKnHJiQ50AiowAbmUGKryndPV5YXyF2ORy6bxtbX4xbOysq9lTbcTIRzl/eBInlasCHkDHQr9gKlThxH1g==
x-frame-options
DENY
x-xss-protection
0
truncated
/ Frame 2E2A
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
UislPCXOWc0.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 2E2A
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/UislPCXOWc0.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HlDm5uW9RcrMa0LFO+oNyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4558
x-fb-rlafr
0
x-fb-debug
ZjA5PRG1HmwsVIUVTeIUmN/rDR7iHnn2JhwuoIluf/73bCSfaW6Tiw0fUKbWvXbZj/gmVcX1sRhKyujN6L2ryg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Thu, 28 Mar 2024 19:25:59 GMT
zTAcZgbV8nB.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 2E2A
61 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NST0JUomaRRhKDzRtqfVoQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16144
x-fb-rlafr
0
x-fb-debug
jta3s8MFwP0FsA6DkAq965KgaVeR6EZNpskYhV7LvarlJHyLLhcbkOMJX64ckzL5v5aOR9xdWq1RTugQxkdwMw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Mar 2024 19:30:21 GMT
SV0HgmB8RsT.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/ Frame 2E2A
31 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4KqTzccePH9IygV28VQtgA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9053
x-fb-rlafr
0
x-fb-debug
FjHQE+rA/eWulryW/cz0m4gb0+YFJ+DKb8NEuVkS7rkEkTFonIAZ9oPn6XRueavFElJc7GggpaOjTkuifxvCFA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 21 Mar 2024 19:22:30 GMT
V8jK12UmQ6C.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2E2A
3 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G94KxmId/Gs6bmpfm04/RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1248
x-fb-rlafr
0
x-fb-debug
3WqP3lfb93zuO9cZ4XN5jTyISy0UfZ8C+y0yDRd5pA+o/hNLnBFG1/XWBGcJAGnV/CblduTQPAP2aTOEvUsF8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Mar 2024 18:53:46 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 2E2A
25 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
x-fb-rlafr
0
x-fb-debug
AL4mOcSvrCMDE1sYcL1NwgalO1H5NBDndWDKChpfD4Kyu3urxib0gz5rtHDoAt56nYVFP3en6FCUkDW03FP4Pw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Mar 2024 17:23:31 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame EF77
7 KB
8 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
53
content-length
7381
content-type
text/html
date
Sat, 01 Apr 2023 05:11:57 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Fri, 31 Mar 2023 15:21:45 GMT
server
AmazonS3
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id
XPUviUpKT45hHI8NhBwnLZCZV3KNZYrL-PzYgRSxztA-TUUKZ_nkNw==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame CC29
662 B
1 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
9
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
Or1lC3TAWSMWUCR9OTn50R3gM9RyOcgqgTIU9mWpksL2i2UyPY9tqw==
presetfn.js
cdn.holmesmind.com/js/ Frame AEA8
15 KB
16 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:28 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
15
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
jeaPGC_5aGt_-w7jeUvVHmGRHSmWfvD3EV9MWOu-iyH4n-j5ViK1Mw==
capmapping.htm
cdn.holmesmind.com/js/ Frame 881C
7 KB
8 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
53
content-length
7381
content-type
text/html
date
Sat, 01 Apr 2023 05:11:57 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Fri, 31 Mar 2023 15:21:45 GMT
server
AmazonS3
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id
hmbY6lOAlodE3ql0otsMLxWlu4usclp6PBPTxovWZs_CAtY0XVPn3g==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 99A1
662 B
1 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
9
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
E7ZIzPP7RfXAmRyJbebM9wLPGE_8m64_bXZFWh4HcN9Lf6shwLinjQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 4687
15 KB
16 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date
Sat, 01 Apr 2023 05:12:40 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:28 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
15
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
DmbljbY44q4VZ_01tNJI48PChF-3y3bSOetiadBX6crLucHyKIRJpQ==
reload
www.google.com/recaptcha/api2/ Frame E533
41 KB
25 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
de0f76c32a759f08ed51bd8d1d9a13a3df2174d3a6e3e2cb8959978c12e8fbdc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25562
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 05:12:44 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 677F
0
217 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 54A7
0
0

utag.js
t.ssp.hinet.net/ Frame EF77
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:44 GMT
fp
cm-dev-poc.holmesmind.com/ Frame EF77
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame EF77
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame EF77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
0
166 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
x-guploader-uploadid
ADPycdvyv0OJfOGtzYI1_uJX_hTGbpD7Uf-l-lLtssrkB_tjQae5EqLArakbhRzLIYU2TtrvMAIYa0j7TbCjis8u_EpOXhmqxMq7
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:12:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame AEA8
1 KB
754 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:03:08 GMT
content-encoding
gzip
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
576
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
XjTQ18jFQFnTyaS6xlwlTIYI0WPXbWZ6YxKjovIkyAbP6E25PW-j7w==
fp
cm-dev-poc.holmesmind.com/ Frame 881C
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 881C
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame D1D5
0
217 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame DB9F
0
0

utag.js
t.ssp.hinet.net/ Frame 881C
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:44 GMT
google
m.holmesmind.com/ml/ Frame 881C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
0
478 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
x-guploader-uploadid
ADPycdu1iDJbV6EZhcRFAv1OJ0cKglmCzTDfsb8OWbAVx_7aUXInrsVSYE6NqtsUgvYobUumKy70Fkd4f8_3_6B0E8ADgSk1cvEx
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:12:44 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 4687
1 KB
735 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:06:27 GMT
content-encoding
gzip
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
377
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
5Up-e1qqmKvWIZ68jTBq1scSdW8l91OhHaizYHwnFoXLt8b1py4AxA==
305964663_450890893727816_1742559653774706626_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2E2A
0
0

14069597498329024862
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A
0
0

18029814871319172731
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A
0
0

287068195877952849
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A
0
0

16052937817076775126
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A
0
0

329368516_23853272234120247_7641927853592911745_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t45.1600-4/ Frame 2E2A
0
0

ads.js
ad.holmesmind.com/adserver/ Frame AEA8
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=229&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7ef0b9c1b9c093c44236e49464706283a2e23346ea87edb2fa28e6ef2012137e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame AEA8
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
58
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
CZ6jT-zkn6AjnesEZdqIpuoUWFQ7Fg0Z4KY2UElbIAKbOoWRywtsXg==
publishertag.js
static.criteo.net/js/ld/ Frame AEA8
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Apr 2023 05:12:44 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame AEA8
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
zH92yqyQP3KTRxmSaYv8d2bGTxlSuzA4
date
Sat, 01 Apr 2023 05:12:11 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
37
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
L1NRMV61V4JEdpSNrY2MWOonWZihbcchGdlLWkO-QXiITbpoT3Ml_w==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame AEA8
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ALN8MvSay3AX.v5cAQSvQaRj89Lr5LNQ
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:42 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
55
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
lRlMvVGvX7IMX_7_bpLmpwHB_7vlbQXRY1v8krrPWJnPCO7HUwe74Q==
appierV2.js
cdn.holmesmind.com/js/ Frame AEA8
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date
Sat, 01 Apr 2023 05:12:01 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
44
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
RbyhE_LRSgZEw-7M9ATfEwgsub2Mt5O1ayEwMuiWbTVvsg_jpK5ZpA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame AEA8
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
9F8R2klc4rFPN_PdXlX_ozo26SvPPGR3
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:21 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
57
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
xTVozAWaopNnogi_ifhxiVuX_BGV59pzzy6eQ85q70spNs1e6HboKg==
ads.js
ad.holmesmind.com/adserver/ Frame 4687
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=464&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
827f7bf182a3494943ece65a35c8267677935e0e35dabe002974ef5c7730873c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 4687
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
58
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
1diW5nKdTYqn8fOwxfhhFZ5-ngtpQBLd5FesBUrath_lnmaQeA8uBg==
publishertag.js
static.criteo.net/js/ld/ Frame 4687
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 02 Apr 2023 05:12:44 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 4687
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
zH92yqyQP3KTRxmSaYv8d2bGTxlSuzA4
date
Sat, 01 Apr 2023 05:12:11 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
37
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
RcvkE2r4hBdkiDwCiXSVG48yqeZfNEoWDHX9pYQkVzArX5Z83WzWIg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 4687
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ALN8MvSay3AX.v5cAQSvQaRj89Lr5LNQ
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:42 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
55
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
vFOMIfNJcmF_izbvzeW7SaNZrEsB3DTB0I1JrX03Q5mmuvhbb12o5w==
appierV2.js
cdn.holmesmind.com/js/ Frame 4687
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date
Sat, 01 Apr 2023 05:12:01 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
44
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
3y6p19rCFd453h9Mx1H9MYe9lGRLod-uP4sR7DyKRczl0KtSeJeMNA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 4687
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
9F8R2klc4rFPN_PdXlX_ozo26SvPPGR3
date
Sat, 01 Apr 2023 05:11:58 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:21:21 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
57
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
VqB2AiOldA-aGUgqOf0FrOD9IUwYr42S5xO2MsVieEGBBP7-a2kJfA==
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 21:06:59 GMT
x-content-type-options
nosniff
age
201945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 05 Apr 2023 21:06:59 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 06:17:05 GMT
x-content-type-options
nosniff
age
168939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 06 Apr 2023 06:17:05 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:54:14 GMT
x-content-type-options
nosniff
age
29910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 07 Apr 2023 20:54:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:08 GMT
x-content-type-options
nosniff
age
326496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:08 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:41:06 GMT
x-content-type-options
nosniff
age
325898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:41:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 10:31:57 GMT
x-content-type-options
nosniff
age
326447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 10:31:57 GMT
payload
www.google.com/recaptcha/api2/ Frame E533
27 KB
27 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AKH6MRGcSGccjqJJ6qJ7xT1nmMezZ0CMRc6fnn6RwItYZPdp_P1kbiKzaya3ysvbUt3ESNzPzU73KPHDlQnR6qkHkVXmdFLegqOuDfPM-7AasyMR8KHL3KsqhsUw05LWmLWZvTy5nKDqZ6Qa9gmSX2ur85owVg-1LTt88RZorXBbII_dBZkuuzZ5bszpY0XA_bOTlZZy8EchyN8qCT9MBsx0dr99nXXHVA&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
b081359c6ae16e5b951869b78fd34165c020a807caaf12df15736decb8773b36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27683
x-xss-protection
1; mode=block
expires
Sat, 01 Apr 2023 05:12:44 GMT
/
t.ssp.hinet.net/ Frame EF77
36 B
406 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 881C
36 B
406 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
utag.js
t.ssp.hinet.net/ Frame AEA8
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:44 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame AEA8
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame AEA8
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame AEA8
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9592678084873443
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a63192a898c467f93de06f79c64eabd79b4b26fe8b8f7bb14dfee19d0a5a8f3f

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 01 Apr 2023 05:12:44 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1472
bid
ad2.apx.appier.net/v1/prebid/ Frame AEA8
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
utag.js
t.ssp.hinet.net/ Frame 4687
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 01 Apr 2023 05:22:44 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4687
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sat, 01 Apr 2023 05:12:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
drawV2.js
cdn.holmesmind.com/js/ Frame AEA8
10 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=229&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date
Sat, 01 Apr 2023 05:11:59 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
58
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
yrI_0EP1_th3e50fXeAaodvpD-E6QNRgSLsTYke0dmS8nmh3KONd3A==
prebid.aspx
prebid.scupio.com/recweb/ Frame 4687
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.20285828769943315
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b4210e08bd690da4fc764928b6750d37bd6110f3aaee764058a960a44760ad60

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 01 Apr 2023 05:13:12 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1469
bid
ad2.apx.appier.net/v1/prebid/ Frame 4687
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 4687
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sat, 01 Apr 2023 05:12:44 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 4687
10 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=464&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-48.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date
Sat, 01 Apr 2023 05:11:59 GMT
via
1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified
Fri, 31 Mar 2023 15:20:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
58
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
j1qosLIhPH66iRnhG_-vU96WwV-vHLH_2DlaOoQWsLWokXp6iZZu2Q==
cm
t.ssp.hinet.net/ Frame EF77
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&mp=608209f0-4c1f-4fe7-9267-79c1c21f8079
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/ Frame EF77
0
79 B
Image
General
Full URL
https://608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/pixel?bd=608209f0-4c1f-4fe7-9267-79c1c21f8079&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/ Frame 881C
0
79 B
Image
General
Full URL
https://608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/pixel?bd=608209f0-4c1f-4fe7-9267-79c1c21f8079&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 881C
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&mp=608209f0-4c1f-4fe7-9267-79c1c21f8079
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 4687
142 B
404 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=68103749924
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e4a19c48cde63c5e0f603328e87fc67b2289b9157120b26fcf52fccf1793ab2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 01 Apr 2023 05:12:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
141
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C6C9
76 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
41b93f51026119be7600223167a1d83b512e40ff2a76e5005e9a25f9b38f2d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27205
x-xss-protection
0
server
sffe
etag
"1528 / 733 of 1000 / last-modified: 1680300463"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 05:12:45 GMT
cdb
bidder.criteo.com/ Frame AEA8
142 B
404 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=13528245064
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
66ae2c43f2d4b20be42141922a5a9d1ab80c2303a35f56b81eadf5af64f2c94a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
142
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BE37
76 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
28262860c6d2ac87b966e50a39e624aee4b80527e4de39aa81e617b57fe0aa46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27206
x-xss-protection
0
server
sffe
etag
"1528 / 490 of 1000 / last-modified: 1680300336"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Apr 2023 05:12:45 GMT
pubads_impl_2023033001.js
securepubads.g.doubleclick.net/gpt/ Frame C6C9
397 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
5274d8f4dbd155adc7ab1035ca15e55b18cc4ff946ac3134c8fb0aea6f81262d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 10:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136582
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 08:35:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 29 Mar 2024 10:55:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame C6C9
142 B
113 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88
x-xss-protection
0
expires
Sat, 01 Apr 2023 05:12:46 GMT
events
bidder.criteo.com/csm/ Frame 4687
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame AEA8
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pubads_impl_2023032801.js
securepubads.g.doubleclick.net/gpt/ Frame BE37
397 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 14:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136767
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 08:36:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Mar 2024 14:20:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame BE37
142 B
113 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88
x-xss-protection
0
expires
Sat, 01 Apr 2023 05:12:46 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je33t0&_p=1140901553&cid=466576723.1680325961&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680325961&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&dt=URL%20Shortener%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 05:12:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame C6C9
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C6C9
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C6C9
55 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2083120833534823&correlator=962228985069247&eid=31073289%2C31073537&output=ldjh&gdfp_req=1&vrg=2023033001&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13861&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4072839793&sfv=1-0-40&sc=1&cookie=ID%3D4bf9823df80ec08b-225f9a72e7dc0071%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q&gpic=UID%3D00000a3af167662b%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA&abxe=1&dt=1680325966313&lmt=1680325966&dlt=1680325965385&idt=841&adxs=935&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=dlmw5s5578js&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ref=https%3A%2F%2Freurl.cc%2Fmain%2Fen&top=https%3A%2F%2Freurl.cc%2Fmain%2Fen&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=466576723.1680325961&ga_sid=1680325966&ga_hid=1711516538&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8808e8c9dd41367071faeb8cc8ec77c25df64c76f9397bcda49d75bea39d9ef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12881
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C6C9
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023033001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
25e87120f92b394d95c7890efffe9951c0f3afefd6144d2d65f98561d288c6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11232
x-xss-protection
0
container.html
4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 441A
6 KB
3 KB
Document
General
Full URL
https://4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:46 GMT
expires
Sun, 31 Mar 2024 05:12:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame BE37
107 B
165 B
Script
General
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BE37
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BE37
56 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167766935307239&correlator=318063667565056&eid=31072028%2C31072879%2C31073459%2C44785729&output=ldjh&gdfp_req=1&vrg=2023032801&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13859&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4136938775&sfv=1-0-40&sc=1&cookie=ID%3D4bf9823df80ec08b-225f9a72e7dc0071%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q&gpic=UID%3D00000a3af167662b%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA&abxe=1&dt=1680325966395&lmt=1680325966&dlt=1680325965445&idt=921&adxs=365&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=sxn3qfyont3w&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ref=https%3A%2F%2Freurl.cc%2Fmain%2Fen&top=https%3A%2F%2Freurl.cc%2Fmain%2Fen&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=466576723.1680325961&ga_sid=1680325966&ga_hid=452716224&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
455adbe6cc44d26a290239ed14278ad2de68c2773725e5796f37e84aa9d12301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BE37
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
507766029743850514f4dca1fca869a989d78a2d5b4b529f6ac27e540d6c9d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11194
x-xss-protection
0
container.html
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6271
6 KB
3 KB
Document
General
Full URL
https://c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:46 GMT
expires
Sun, 31 Mar 2024 05:12:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C6C9
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 05:12:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BE37
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 01 Apr 2023 05:12:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012303151529000/ Frame 2E4C
74 KB
0
Script
General
Full URL
https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Mar 2023 17:09:18 GMT
age
389009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61771
x-xss-protection
0
server
sffe
etag
"ec0c62706e34eb3f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Mar 2024 17:09:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C
0
0

amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C
0
0

amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C
0
0

amp-form-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C
0
0

css
fonts.googleapis.com/ Frame 2E4C
6 KB
742 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Apr 2023 05:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 04:28:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Apr 2023 05:12:47 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E4C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 04:27:43 GMT
x-content-type-options
nosniff
server
cafe
age
2704
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sun, 02 Apr 2023 04:27:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E4C
344 B
587 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 05:48:35 GMT
x-content-type-options
nosniff
server
cafe
age
84252
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 01 Apr 2023 05:48:35 GMT
l
www.google.com/ads/measurement/ Frame 2E4C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpZRaIKQ1p2q6aHCty54LVyMaQzIAs_hDEPHfbberbfUFBaEwXAYGv_nqNReVkFhiAVSapCFQVJIOgRIg0CqaI-6IXvQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 2E4C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgjmtTr0nZLn3G-SUmsMP1_mz0ASL_KDob9Ou-om6EZaLtuKdORABINLMgRpgpYCAgJABoAHZxLXOAsgBCakCuUWLu4Jupj7gAgCoAwHIAwqqBN8BT9ADW5JF3V5O8nM4oUlO9lwRfJZ4rX7unSYCC_SGG6hwJBpjTW2bsRRq04IjzLZY_ZIljkmuGWhVbxzGgj8_4K73oiNk0OG-hljQmKHS55N5qzZNUJH85CraigJ5MaQVJ4LKEfmssqCmUGv6fNFXtHLqgvpslaHG1rsz11GKxGmI7E09_YqPiUoxDtopp3jlQxmv8MvHoCGwFux332qiTuPmrr9MWJQ_b3Jujv7MFH_0kQeg67kh_BYx6LKspmlnzffbY9xZSx_La9BSlI1GYfKd_Zb5NayVxA243AIbKMAE7Lbc46kE4AQBoAYugAePu8qxAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEObREtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbgT5APYEwOIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=NOPasLrllp4&uach_m=[UACH]&cid=CAQSOwDUE5ymj8vHlN5N36JRbra2-gOYRbpTJclKocRI_mT-8f-soVpS8qFzA5zRcEH0um1yPuMgn09_XKRGGAE&template_id=484
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

2076313506083323656
tpc.googlesyndication.com/simgad/45170812819367333/ Frame 2E4C
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/45170812819367333/2076313506083323656
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
585342b8b59bca46bc11cc2326c1c705774fcbfb6f7f559fbc3c380dd1c0c155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 04:20:15 GMT
x-content-type-options
nosniff
age
175952
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51441
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 06:42:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Mar 2024 04:20:15 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10693318534524495940/ Frame 2E4C
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10693318534524495940/14763004658117789537?w=100&h=100
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
741ff11da7ecc7af5f555ef8eb13bb520f9a3069ac1b4f45347770cd39f0ed7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 07:10:56 GMT
x-content-type-options
nosniff
age
252111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4806
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 04:18:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Mar 2024 07:10:56 GMT
truncated
/ Frame 2E4C
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e20ca598957caa203fcfe3739b93ff3c000bcacd662eb20c120c24bc52abeaa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2E4C
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
899ee5affa25e4ac40a35355a1ad8098b1f52a1023c37752bb0cfd18f51222ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 757D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
355334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Mar 2023 02:30:33 GMT
expires
Wed, 27 Mar 2024 02:30:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E85D
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
d685304b9378321ae50ae48e05f5a9e6c24bc29e9d410bef18b581aa07159391
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BFi1x8JniXALNoN4TMEDkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-BFi1x8JniXALNoN4TMEDkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:47 GMT
expires
Sat, 01 Apr 2023 05:12:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 912C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
355334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Mar 2023 02:30:33 GMT
expires
Wed, 27 Mar 2024 02:30:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29C7
783 B
538 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
364575d8b287caeedb0bd9784c09be7197546e19536803bffa3d53cc47b2d03f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6jrjjjP3X6_KykV029KRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
516
content-security-policy
script-src 'report-sample' 'nonce-6jrjjjP3X6_KykV029KRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 01 Apr 2023 05:12:47 GMT
expires
Sat, 01 Apr 2023 05:12:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012303151529000/ Frame 0D3B
0
0

amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B
0
0

amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B
0
0

amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B
0
0

amp-form-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B
0
0

css
fonts.googleapis.com/ Frame 0D3B
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 01 Apr 2023 05:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 04:19:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 01 Apr 2023 05:12:47 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D3B
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 04:27:43 GMT
x-content-type-options
nosniff
server
cafe
age
2704
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sun, 02 Apr 2023 04:27:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D3B
344 B
402 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 05:48:35 GMT
x-content-type-options
nosniff
server
cafe
age
84252
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 01 Apr 2023 05:48:35 GMT
l
www.google.com/ads/measurement/ Frame 0D3B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyGGz2cbmX446ArfvG2xN0s_IRJiGwltJNcZiOieTXHRYGT36Bx5etn4Zanvie63Oa02wTQeiDST8MVFiXQzNPKuCNGw
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 0D3B
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChLbNTr0nZM6BIYjOmsMPj_eTuA-L_KDob9Ou-om6EZaLtuKdORABINLMgRpgpYCAgJABoAHZxLXOAsgBCakCuUWLu4Jupj7gAgCoAwHIAwqqBN8BT9CXeIkooGxU5C2FLHlPh4USsiYoDf8i0di88YsbMB-BGmNM81mDEVHsvPWgrb9hxsrD2ttuRv4QMGTyYOBsOhTCQR6pbxl6ywIvTVuG9FULRHpHK1MMOb3zXZiYF0N0wj_qjRzQcuyY88x0sClOdQMG7cUuvV1HAOtvVRZtD4_pOx4EoniTkk-1EohV6a56abMTGfYagmohqJbpfFaeyCLTAvmpxei2bHeAhiMWKgfX94R3CiBPx0sU8mmWZYHkrKi-evVY1F3-xGSD6vwFWBAhsYw_d-SVBJaMLftzDcAE7Lbc46kE4AQBoAYugAePu8qxAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIPJEtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTA4gUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=SR2VDygHW9w&uach_m=[UACH]&cid=CAQSOwDUE5ymgWbtCZmvp7yoiVVHG6UgfMpHAIMKabPdoO6HJi9bbSMSY0ceCzyiOEFRhTqp4c0XmzQJ71DrGAE&template_id=5000
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

14763004658117789537
tpc.googlesyndication.com/simgad/45170812819367333/ Frame 0D3B
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/45170812819367333/14763004658117789537?w=400&h=209
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
706bc00dab6e0c9be8775266f9ed7cc2e60b239f757eb80039f052ca34acc7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 05:12:47 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26201
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 06:42:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 31 Mar 2024 05:12:47 GMT
truncated
/ Frame 0D3B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0D3B
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adaac4596a1bdebf9f7b1d43eceef666c69f9f2c99306639e63949fb2ad487cf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame E85D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023033001&jk=2083120833534823&rc=05AJrWKeW7aL_SE2MW-ZUMNmDBiEZa5DIrifDwyuDQqU8PiNNJ9JrKf9GbYAFQk45lAdp0BsCDtA_oaLRddk44DjrVwmqz1bmz_qEO1z9B-YUrxkizfdGZX_gezzBaij5dgNNmUe1Zpl51Jy5e1CGcTY5NbjHrkNNa37wrVwC6epgthfLOjaojjcKmWA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 29C7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032801&jk=167766935307239&rc=05AJrWKeW7aL_SE2MW-ZUMNmDBiEZa5DIrifDwyuDQqU8PiNNJ9JrKf9GbYAFQk45lAdp0BsCDtA_oaLRddk44DjrVwmqz1bmz_qEO1z9B-YUrxkizfdGZX_gezzBaij5dgNNmUe1Zpl51Jy5e1CGcTY5NbjHrkNNa37wrVwC6epgthfLOjaojjcKmWA
Requested by
Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
pagead2.googlesyndication.com/bg/ Frame 757D
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
149237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14139
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 11:45:30 GMT
hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
pagead2.googlesyndication.com/bg/ Frame 912C
0
0

KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D3B
0
0

KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D3B
0
0

KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E4C
0
0

KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E4C
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
scontent-syd2-1.xx.fbcdn.net
URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=oqGaVj6vO6EAX_Ru9d2&_nc_ht=scontent-syd2-1.xx&oh=00_AfDPbNNTQK1gCDKn9MTSE9qjEq3vzWnEao_SSFvVMKNJ-w&oe=642C0B15
Domain
external-syd2-1.xx.fbcdn.net
URL
https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/14069597498329024862?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2019%2F12%2F%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbEEhY0y3XmIT9SxUvZqOBvrXwc_C4-5KCL84ze_Yo9tbw&oe=64296FE6&_nc_sid=698a6b
Domain
external-syd2-1.xx.fbcdn.net
URL
https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/18029814871319172731?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F02%2F2021-%E6%98%9F%E5%B1%95%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbHA4sQv3aVnwPwSJUabAD4AfuZ4gpntel2jsL3h6K30Tw&oe=64294DDD&_nc_sid=698a6b
Domain
external-syd2-1.xx.fbcdn.net
URL
https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/287068195877952849?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGSsVkHrlSeYgsrpd-Wur6JezNlOoLYN3PmgDKVIZy7GQ&oe=6429745E&_nc_sid=698a6b
Domain
external-syd2-1.xx.fbcdn.net
URL
https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/16052937817076775126?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F02%2F%E5%AF%8C%E9%82%A6-Costco-%E8%81%AF%E5%90%8D%E5%8D%A1%E4%BB%8B%E7%B4%B9.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbHrWwF_22XEQAK3oU-zGOvfrCgbCZ7zP6yirhIiNY5vmw&oe=6429352D&_nc_sid=698a6b
Domain
scontent-syd2-1.xx.fbcdn.net
URL
https://scontent-syd2-1.xx.fbcdn.net/v/t45.1600-4/329368516_23853272234120247_7641927853592911745_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=100&ccb=1-7&_nc_sid=67cdda&_nc_ohc=ub-7wQPo6XYAX89NHal&_nc_ht=scontent-syd2-1.xx&oh=00_AfA1lvF1F5yt4YvECR-tshsmrukaSVMKge2QLGhmpEn8tg&oe=642D095C
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-exit-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-analytics-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-fit-text-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-form-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-exit-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-analytics-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-fit-text-0.1.mjs
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012303151529000/v0/amp-form-0.1.mjs
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| gtag object| dataLayer object| adsbygoogle function| $ function| jQuery object| bootstrap function| Vue object| VueQrcode function| axios function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| saveAs function| saveTextAs object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| app object| renews function| getRenewsFeeds string| labelToken string| category string| GoogleAnalyticsObject function| ga number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn function| getCookie function| getVideoCardInfo function| getFingerprintRawData function| getPValue function| getFingerprint object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ElandTracker function| stfpjs function| cookie_mapping object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| hitag object| gaplugins object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_480871 object| criteo_syncframe_state

29 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJrWKeWoIbvCVJooemxl1eXl3xcnd0nlevz3XJhptISK1Dw-e5OHCEEHaQxv2_F0m2c0HRGjy3-D8XOAtuqumWA
reurl.cc/ Name: clientIdV2
Value: cffba54ebbd5e8cf93ab7eac0b26c866a832a7923ff820209705212d533c5d8dc343276d827940e610de7767242e06e59953ffef00d0dd2f64fb826ac1c15c26d74dc1c239677a5d8a754271
reurl.cc/ Name: clientId
Value: cffba54ebbd5e8cf93ab7eac0b26c866a832a7923ff820209705212d533c5d8dc343276d827940e610de7767242e06e59953ffef00d0dd2f64fb826ac1c15c26d74dc1c239677a5d8a754271
reurl.cc/ Name: lang
Value: en
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1680325961.1.0.1680325961.0.0.0
.reurl.cc/ Name: _ga
Value: GA1.2.466576723.1680325961
.reurl.cc/ Name: _gid
Value: GA1.2.1836387400.1680325961
.reurl.cc/ Name: _gat
Value: 1
.prnasia.com/ Name: __cf_bm
Value: MvsfkKuHAFEZCakCP60xdZBwk3l2M7jk.xQlVpQRTF4-1680325961-0-ASExkUwgzy5pwnIArK2g/GKUVmDw0EKBc5ajG0Ap9RYzXtQ14/wKflENDVv1SyOBZpP//R5fplpeVK7ePUYEg/E=
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1680325961604.1412548290
.reurl.cc/ Name: _ht_a546ca
Value: 1
.hinet.net/ Name: uuid
Value: 608209f0-4c1f-4fe7-9267-79c1c21f8079
.reurl.cc/ Name: __gads
Value: ID=4bf9823df80ec08b-225f9a72e7dc0071:T=1680325961:RT=1680325961:S=ALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q
.reurl.cc/ Name: __gpi
Value: UID=00000a3af167662b:T=1680325961:RT=1680325961:S=ALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA
reurl.cc/ Name: CFFPCKUUID
Value: 5284-sdAgAdjE34l87tjqGD0WfowoCXUd9gsh
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR
.reurl.cc/ Name: FPUUID
Value: 7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
.holmesmind.com/ Name: P
Value: 936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe
.holmesmind.com/ Name: Vision
Value: 20230401-23:59,20230401-16,20230401-16,20230401-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: __htid
Value: 608209f0-4c1f-4fe7-9267-79c1c21f8079
.c.appier.net/ Name: _auid
Value: W-Rnlq8aBvWIUYPQS70nZA
.doubleclick.net/ Name: IDE
Value: AHWqTUlRL1yMD4ajgWmDOB0gNReEgOHmIRdYlorqPoaq1fdXWeIDOoeH_wwcLrejZWk
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net
4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
adservice.google.com.au
bidder.criteo.com
c.holmesmind.com
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
external-syd2-1.xx.fbcdn.net
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
m.holmesmind.com
mma.prnasia.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
reurl.cc
scontent-syd2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.rayskyinvest.com
cdn.ampproject.org
external-syd2-1.xx.fbcdn.net
fcm.holmesmind.com
fonts.gstatic.com
pagead2.googlesyndication.com
scontent-syd2-1.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.16.252.4
104.16.87.20
104.17.24.14
13.227.254.48
138.199.46.68
142.250.4.156
142.251.10.147
142.251.12.132
142.251.12.157
142.251.12.94
157.240.13.35
157.240.235.1
157.240.8.23
172.104.45.159
172.217.194.155
172.217.194.157
172.217.194.97
172.253.118.95
172.67.150.31
172.67.178.125
18.155.68.87
182.161.73.129
182.161.73.145
192.0.77.2
192.0.78.135
203.75.214.136
210.59.219.181
34.102.176.152
34.149.120.3
34.149.98.30
34.95.67.231
34.96.119.68
35.185.130.121
35.185.136.122
35.201.76.93
35.227.249.156
35.244.196.223
52.194.43.130
54.178.144.59
74.125.130.132
74.125.130.154
74.125.130.94
74.125.200.156
74.125.200.94
74.125.24.138
74.125.68.132
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809
03e8ad03b544f04661b5c5d7608552a26d56e30968072f81ab1b58b05c5e742a
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bf3b8bf5d162d75b078317a20d10ab6c4b9ba1b9d5347cb367d0cc28d1ef264
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
112a2742c1310aa69aeb3df0e402ea27ac342ce3c8db1d3850f53918af88fc5e
1380c84741adda7370ca6a12cdf5b945c5d09c3fdb22bb72de2140b1f1e69aa9
1428e1bc09838ba1f051526c85ed869c50c04902807843084717a21cf830132e
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
19edd78ac137bab5143b6fce3d57467c5905674e29ae53e2d74b920e93cdfdef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac
20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487
23da6bca460f1bd205972b4ba6110fb6c31e2731b41cf59cdf756a629dd19903
25e87120f92b394d95c7890efffe9951c0f3afefd6144d2d65f98561d288c6ea
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28262860c6d2ac87b966e50a39e624aee4b80527e4de39aa81e617b57fe0aa46
291ce914cec30326938e8ac7c3dfd589fd4b43aaabc4f3e9e0ca080451e5d8fc
2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15
2f6c4eef1c3efc8673cf409110ca75fe96ad43a3d4a7fa049a41872b30186c38
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
30c1a1f1fc5c307021602584a7bfe5af655580484516b0f0bac662a2974ba8b7
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
364575d8b287caeedb0bd9784c09be7197546e19536803bffa3d53cc47b2d03f
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36852a83c051c63be0effce8c3d1cf9d2c9af7fde62fa4e6a544848abbb7d0fd
38bf6598faa4b9c7c37f9e8005ea21f722b9517fbbe2b0689f9ca00ad309d47c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4017c8e6cb5b33e0d5426a26acc7b6a143ab5604bfb40790b6f5f44972882110
40d0de6c923c31f8df453337e0539edfc00a4a4a02ca8fcd84282ce328a76e92
41b93f51026119be7600223167a1d83b512e40ff2a76e5005e9a25f9b38f2d07
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
455adbe6cc44d26a290239ed14278ad2de68c2773725e5796f37e84aa9d12301
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4883c68c0f9c35d5c627c1c8e809b25d40dce3b0af37ac346c6587e8cd69920d
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4db0e1f96890dfbbbfd8f552577cac8d05ad77a021d1b7a2d14da1e0ff02ee9a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
507766029743850514f4dca1fca869a989d78a2d5b4b529f6ac27e540d6c9d6b
5274d8f4dbd155adc7ab1035ca15e55b18cc4ff946ac3134c8fb0aea6f81262d
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
585342b8b59bca46bc11cc2326c1c705774fcbfb6f7f559fbc3c380dd1c0c155
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7
5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ae2c43f2d4b20be42141922a5a9d1ab80c2303a35f56b81eadf5af64f2c94a
706bc00dab6e0c9be8775266f9ed7cc2e60b239f757eb80039f052ca34acc7d6
741ff11da7ecc7af5f555ef8eb13bb520f9a3069ac1b4f45347770cd39f0ed7f
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7ef0b9c1b9c093c44236e49464706283a2e23346ea87edb2fa28e6ef2012137e
7f05353baa3e2dfc0ef79f7482ac4cd6e8af100ac91d9e4f99acb7d481836d2d
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0
827f7bf182a3494943ece65a35c8267677935e0e35dabe002974ef5c7730873c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3
87bae036cec691ad5dae2492440a08fe7eb4efbea0999e1e0d04f31b09218afa
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
8808e8c9dd41367071faeb8cc8ec77c25df64c76f9397bcda49d75bea39d9ef9
899ee5affa25e4ac40a35355a1ad8098b1f52a1023c37752bb0cfd18f51222ee
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc
9899b870f85d5de6a82cb2d7b70afea5248f6854ee20ccdd2aab5a34c15d2a6a
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63192a898c467f93de06f79c64eabd79b4b26fe8b8f7bb14dfee19d0a5a8f3f
a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18
a78bd4eebe3bf86745ee9faff5d5927cd9fca6f69b074e586b66fba4df1d5684
a794fbaadb2023fbd4b9627c15e5dd46cbfd88d6b889afa79bfac018c1af9d7b
a79ad475bdce90530467569d41f8319aea76030c5a4a52b30da61e2cd1d4d95a
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57
adaac4596a1bdebf9f7b1d43eceef666c69f9f2c99306639e63949fb2ad487cf
adfdffd27a3849c62169200dc83c9d8e535613e960adf14566f65ab109d9678b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b081359c6ae16e5b951869b78fd34165c020a807caaf12df15736decb8773b36
b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7
b13cf50d039aa8a07ee03865eb8d18b5d9a026126454714d7934ecbc444effd9
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b4210e08bd690da4fc764928b6750d37bd6110f3aaee764058a960a44760ad60
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c2cf5c25d11c6ec293d0208f89d3a9ae98afdbaece2d151c8db460f81f6d1629
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cb71d4020387c1cb7d70bc49ae11783f47a1bf619bb60ddf93855ba73378e68f
cbe3f8abaa9c986c3f25d246fea53f686a6086d15cc12cb2ac5e6c1e2940e436
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d352378469bf1a7557278d791064f7dfa7d9b39e7762b0344fca2028cb8b098b
d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d685304b9378321ae50ae48e05f5a9e6c24bc29e9d410bef18b581aa07159391
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
de0f76c32a759f08ed51bd8d1d9a13a3df2174d3a6e3e2cb8959978c12e8fbdc
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e20ca598957caa203fcfe3739b93ff3c000bcacd662eb20c120c24bc52abeaa2
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a19c48cde63c5e0f603328e87fc67b2289b9157120b26fcf52fccf1793ab2e
e6308b7ee169eb29791819a3e85f47fc7517fa45afa6d031b147a0d5bae2b25e
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ed4a43e0f2d9c8c6f9f81f98134586752936ce086697ae39d5ff849df237ca75
ee49cb23b0d017ee581357ad7e62cd125a41509c1c0d1543d731f48c6022e66d
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8
f5a955b844dcf924eada41dc4914ff2ed7b5d503380f45b216f6b7ca43aa2e85
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa
fdbd7d1b7a9ab3237ec3d3096ddfd6e57246c21290abad11b4cd5696582074c6
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5