reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://reurl.cc/
Effective URL:
https://reurl.cc/main/en
Submission: On April 01 via api (April 1st 2023, 5:12:47 am UTC) from AU — Scanned from AU

Summary HTTP 258 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 32 domains to perform 258 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 304750.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
6	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
9	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
20	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	172.217.194.97 172.217.194.97	15169 (GOOGLE) (GOOGLE)
1 1	138.199.46.68 138.199.46.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	13.227.254.48 13.227.254.48	16509 (AMAZON-02) (AMAZON-02)
11	142.251.10.147 142.251.10.147	15169 (GOOGLE) (GOOGLE)
37	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
9	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
5	74.125.24.138 74.125.24.138	15169 (GOOGLE) (GOOGLE)
6	157.240.13.35 157.240.13.35	32934 (FACEBOOK) (FACEBOOK)
6	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
6	52.194.43.130 52.194.43.130	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	() ()
1 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	18.155.68.87 18.155.68.87	16509 (AMAZON-02) (AMAZON-02)
1	104.16.252.4 104.16.252.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.150.31 172.67.150.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.135 192.0.78.135	2635 (AUTOMATTIC) (AUTOMATTIC)
1	172.67.178.125 172.67.178.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.120.3 34.149.120.3	15169 (GOOGLE) (GOOGLE)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	74.125.130.154 74.125.130.154	15169 (GOOGLE) (GOOGLE)
5	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
4	54.178.144.59 54.178.144.59	16509 (AMAZON-02) (AMAZON-02)
4	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6 12	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	172.104.45.159 172.104.45.159	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
5	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
2 2	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
2	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	182.161.73.145 182.161.73.145	() ()
6	172.217.194.155 172.217.194.155	() ()
2	74.125.130.132 74.125.130.132	() ()
11	74.125.68.132 74.125.68.132	() ()
1	142.251.12.132 142.251.12.132	() ()
2	172.253.118.95 172.253.118.95	() ()
258	45

8 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.46.68 (Singapore) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-46-68.bunnyinfra.net

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 13.227.254.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-48.sin52.r.cloudfront.net

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.10.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.13.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.194.43.130 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (None, )

ASN- ()

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.252.4 (None, )

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.178.125 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.120.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.120.149.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.154 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

scontent-syd2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.178.144.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.96.119.68 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.104.45.159 (Singapore) 6 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1625-159.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.94 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.73.145 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.194.155 (None, )

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.132 (None, )

ASN- ()

4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 74.125.68.132 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.132 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.95 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 136332 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 196998 fcm.holmesmind.com c.holmesmind.com — Cisco Umbrella Rank: 103184 adcdn.holmesmind.com — Cisco Umbrella Rank: 147657 ad.holmesmind.com — Cisco Umbrella Rank: 99288 m.holmesmind.com — Cisco Umbrella Rank: 278361	243 KB
36	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 760 scontent-syd2-1.xx.fbcdn.net — Cisco Umbrella Rank: 42202 external-syd2-1.xx.fbcdn.net Failed	590 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com tpc.googlesyndication.com	366 KB
20	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 79559 17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net 608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net	23 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 44243 gocm.c.appier.net — Cisco Umbrella Rank: 2331	3 KB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201	353 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	617 KB
14	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	83 KB
10	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 304750 storage.reurl.cc	39 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	52 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	127 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
4	criteo.com bidder.criteo.com	1 KB
4	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19777	681 B
4	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 111070 www.google.com.au — Cisco Umbrella Rank: 22017	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	91 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 74829	4 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	80 KB
2	re-news.tw storage.re-news.tw re-news.tw	32 KB
1	ampproject.org cdn.ampproject.org
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	462 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3491	622 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5346	195 KB
1	rayskyinvest.com www.rayskyinvest.com	41 KB
1	racingcharger.tw img.racingcharger.tw	96 KB
1	creditcards.com.tw creditcards.com.tw	76 KB
1	gbyhn.com.tw img.gbyhn.com.tw	80 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 915285	97 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11957	726 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	81 KB
258	32

	Domain	Requested by
34	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
30	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
17	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
12	ad2.apx.appier.net	6 redirects reurl.cc
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net reurl.cc tpc.googlesyndication.com
11	www.google.com	reurl.cc www.gstatic.com www.google.com tpc.googlesyndication.com
10	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net
9	www.gstatic.com	www.google.com www.gstatic.com
9	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	reurl.cc	1 redirects reurl.cc
6	gocm.c.appier.net	6 redirects
6	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
6	www.facebook.com	reurl.cc static.xx.fbcdn.net
6	cdn.jsdelivr.net	reurl.cc
5	fonts.gstatic.com	www.google.com reurl.cc fonts.googleapis.com
5	www.google-analytics.com	reurl.cc www.googletagmanager.com www.google-analytics.com
4	bidder.criteo.com	static.criteo.net
4	prebid-asia.creativecdn.com	cdn.holmesmind.com
4	ad.holmesmind.com	cdn.holmesmind.com
4	adcdn.holmesmind.com	cdn.holmesmind.com
4	c.holmesmind.com	1 redirects cdn.holmesmind.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.com.au	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	connect.facebook.net	reurl.cc connect.facebook.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
2	prebid.scupio.com	cdn.holmesmind.com
2	static.criteo.net	cdn.holmesmind.com
2	m.holmesmind.com	cdn.holmesmind.com
2	cm.g.doubleclick.net	2 redirects
2	scontent-syd2-1.xx.fbcdn.net	www.facebook.com reurl.cc
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	storage.reurl.cc	reurl.cc
1	cdn.ampproject.org	securepubads.g.doubleclick.net
1	c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com.au	reurl.cc
1	17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i0.wp.com	reurl.cc
1	re-news.tw	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	fcm.holmesmind.com	cdn.holmesmind.com
1	storage.re-news.tw	reurl.cc
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	www.googletagmanager.com	reurl.cc
0	external-syd2-1.xx.fbcdn.net Failed	reurl.cc
258	54

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
aiieyes.com
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.gbyhn.com.tw GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
tls.automattic.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
re-news.tw R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://reurl.cc/main/en
Frame ID: 25AC7C6036E9E2AFB49803C267B5C933
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 2E2AA9AB723EBAFB565695FDD7A73CAD
Requests: 49 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 656BC34450179E6E1F57EC87A2E4148E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 238A92A62ED442FEBC30849E832120CE
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: FB39719C7205A47CC493F8C66905F2A2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: 8734974F231C1BB9BADBC64C57FDAB29
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 052CF4E3157F9A3302FB616339304B9A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 517324D8AD9D7341458BFEE62EC96C89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680325961&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680325960992&bpp=3&bdt=1324&idt=551&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6961527917306&frm=20&pv=2&ga_vid=466576723.1680325961&ga_sid=1680325962&ga_hid=1140901553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073378&oid=2&pvsid=663630694246745&tmod=1065103896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=576
Frame ID: 05E6B443CD304C060DF6DDCA91071767
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
Frame ID: DD827A17CC739A109BFF203916156B3B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: E5336EB9B1F959A7383739BC7A6C77E8
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: CC299431BA699FB1AD7694682B205B91
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 99A199026C90AAE8236B4509E3F809CB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Frame ID: EF77E8B6FDABEE80679CADB6264AD385
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: AEA843B546DBD70A92B4CDB5E00D85B8
Requests: 17 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Frame ID: 881CCAF562B1847DD44E0B6325C85E70
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4687E198814F533B2542EDCDC798CB34
Requests: 17 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 677F9A0D49C44AFA24EED87344ED804E
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 54A7DDAB971BBA0EDC70C3EAEA3A3449
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: D1D55190B772867FE1DCF94EB5528C59
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DB9F1C95EB140E7399DA86A8ABD56F86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C6C9BD496053319C15921043B3389D4A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BE37139C50D8127DB636F15C320723F2
Requests: 8 HTTP requests in this frame

Frame: https://4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 441AF26858533E578C1C0664DE35B3AF
Requests: 1 HTTP requests in this frame

Frame: https://c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 6271DD90AE00E5FC1D4C791B1A20D829
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Frame ID: 2E4CBBF00E0F69C59D6A0153E3F2613E
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 757D1960FDB1606FC62A18F506CFAA20
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E85D279DB59087313461DB0958A78D84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 912C97E25918D00BE42C921947637091
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29C7D697C682ECD46EAD077D35EB5920
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Frame ID: 0D3BF0E072ED19A5AAEF4BC9087E5D3F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

URL Shortener - reurl

Page URL History Show full URLs

https://reurl.cc/ HTTP 302
https://reurl.cc/main/en Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

258
Requests

87 %
HTTPS

0 %
IPv6

32
Domains

54
Subdomains

45
IPs

6
Countries

4018 kB
Transfer

8831 kB
Size

29
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: Imgus

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/en
Title: Download youtube

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: what is utm?

Search URL Search Domain Scan URL

URL: https://aiieyes.com/?utm_source=reurl&utm_medium=cpc&utm_campaign=f202302&utm_term=testtype01

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4058396_XG58396_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/47895

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/244790

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/37886

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/98387

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/64019cafb97a8a05a7412b28

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25257

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: Emoji

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: Geo IP

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: Big5/GB Converter

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QR Code

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: Length Converter

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: Taiwan Stock

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: Word Counter

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: Password Generator

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: Date Calculator

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: Lunar Calendar

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reurl.cc/ HTTP 302
https://reurl.cc/main/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 36

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 98

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

Request Chain 99

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1

Request Chain 186

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

Request Chain 188

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

Request Chain 193

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

Request Chain 194

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

258 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
reurl.cc/main/
Redirect Chain

https://reurl.cc/
https://reurl.cc/main/en

14 KB
5 KB

234ms
234ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a794fbaadb2023fbd4b9627c15e5dd46cbfd88d6b889afa79bfac018c1af9d7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 05:12:39 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Sat, 01 Apr 2023 05:12:39 GMT
location: /main/en
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 314ms
109ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 802933
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46ALNH2Rk8ruOcqNVLD4hurMul%2BMI%2BvWy6%2B%2F3uBspBxui6pS%2BRzsuPGqpBybZo76DXuSBAyy8NcuMqpoL6iiL0ZXvSjm8fCv0ESOij4qhKh4WhM%2BL2LV5AIeh0UXECqavik%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e56a18feda835-SYD

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 437ms
232ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:10:15 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 145
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 597ms
207ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

d352378469bf1a7557278d791064f7dfa7d9b39e7762b0344fca2028cb8b098b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48339
x-xss-protection: 0
server: cafe
etag: 2588514286160299162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 05:12:40 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 229ms
229ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:39 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:39 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1068ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 591ms
202ms Script
application/javascript 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fdbd7d1b7a9ab3237ec3d3096ddfd6e57246c21290abad11b4cd5696582074c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 01 Apr 2023 05:12:40 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

115ms
115ms

Script
application/javascript

104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 286105
x-jsd-version: 1.7.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-yyz4550-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClkhuOuvm2pyrf%2FN3%2BmUi3hU4uV7lASpfpN5DuhDTf%2F7a%2FoQtLMRqeZYzZfRm5CpfC2DQmB%2BX%2FrpM4dKdtpyClNPUYFjxFrevrz%2BuiCur3JIZRzSkS4xfZaYB7oHkYIN8nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e56aa481ba8c5-SYD

Redirect headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 868
age: 3055
x-cache: MISS, HIT
cdn-cachedat: 04/01/2023 05:12:41
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
x-served-by: cache-fra-eddf8230071-FRA, cache-chi-kigq8000118-CHI
server: BunnyCDN-SG1-868
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 29f2c1905bc2ebff227a71d2600ebaf9
timing-allow-origin: *
cdn-requestcountrycode: AU
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 308ms
105ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7287851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeupUkXpOa2qOxw%2Ffx1uVvU1GMf0NZ7IqCcCnQ6MHt9f6G3jqDxFoh%2BfKg5hlztrsRXcanaMLkC%2Bmrt%2Bdufdiq7gtIdc3m2wso5UcpMQ%2BCnVo3%2FmJzlTlC7KxuqM1UK3Nyf%2Fgkav"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b0e56a448ffa974-SYD
expires: Thu, 21 Mar 2024 05:12:40 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 66 KB
18 KB 396ms
392ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-jsd-version: 9.17.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230045-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YPEZT1tsBMmKhxjFn6rsw1F8uP1xOFfiSwKPcp%2F95kiROsppUA2TsAihb0KOhJ0jGpVVjB0lJCQXY4QpeM5x8RCe24E%2F2Yw07Kmng9yZ9EZ8zuutYSKClIbGK9cGp0L4kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7b0e56a3092fa835-SYD

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 4 KB
2 KB 460ms
457ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-efa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 593ms
205ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

03e8ad03b544f04661b5c5d7608552a26d56e30968072f81ab1b58b05c5e742a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48366
x-xss-protection: 0
server: cafe
etag: 8805497498132641959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 05:12:40 GMT

GET
H2 200 aieyes_720x90_1.jpg
storage.reurl.cc/images/ 24 KB
21 KB 236ms
234ms Image
image/jpeg 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.reurl.cc/images/aieyes_720x90_1.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 40d0de6c923c31f8df453337e0539edfc00a4a4a02ca8fcd84282ce328a76e92

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:10:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 06 Feb 2023 15:10:38 GMT
age: 143
vary: Accept-Encoding
content-type: image/jpeg; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21655

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
31 KB 108ms
107ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3270770
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA, cache-yyz4533-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXXzRkLzmaE%2BS7Fy6KgVIGuD3vzSJCv20F%2F%2B7n6cQeT9aqcHv0zpjq7yiIxjiqkXKXKdX%2BKkPHzF8CdGmqT2SuzgB7SvtAfKPDCTbgyX7CdrmYoyLdZM8JBaHVy8xXha%2Frc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e56a258ada835-SYD

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
16 KB 110ms
110ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3228963
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4526-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B6P%2BzOrk5hDjEDQ5qXMYmfoH923%2Fv8MezlDLoqD3sQ9bLPjHQ7Zf%2BzWYMkRXf5nZf7MzS2gXyT%2B6nyV4vzG5UM2aeeAbP%2Bgme4Urcm6fNwEXZO9ACZ3nQIzR%2BoPq7NbZ3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e56a2f925a835-SYD

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 123ms
118ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 433299
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeLDkF7UoovqlQY%2FAeGvGdy3rfa37ZrX0FS76K5nDFZrBdE8FLwkEOPLg0Mpaw59Oae39AssA9i1fg%2B8BZM7GIaYS%2B7hZGs8BLxNEhCDLdAXan7w6X5UbfmiRDTIaxpwHZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b0e56a3092ca835-SYD

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
17 KB 756ms
228ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date: Sat, 01 Apr 2023 05:12:36 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:30 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 5
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: M5asrP2cQ_zbEpzoQYl4i0oXj_70o8uUOyG2YXLtlj-nNVEgN67G5w==

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 234ms
229ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-46e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:40 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
879 B 587ms
197ms Script
text/javascript 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

ee49cb23b0d017ee581357ad7e62cd125a41509c1c0d1543d731f48c6022e66d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 559
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 05:12:40 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 3 KB
1 KB 235ms
231ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=15
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 01:29:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633797fc-bce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:40 GMT

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 236ms
232ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:40 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 237ms
233ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/main/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 31 Mar 2024 05:12:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 599ms
199ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 01 Apr 2023 05:12:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V3ASnbMn7JtHkHELfS2czxBpGiEXCuufMW7PJ4FvwtVFvZ5Wood7ATxeNc98ryT+q6JyAssnQicu08JEAhoULA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ 407 KB
163 KB 582ms
193ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166464
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:21:29 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
8 KB 447ms
240ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 2f6c4eef1c3efc8673cf409110ca75fe96ad43a3d4a7fa049a41872b30186c38

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1d45-dctewKpkXFWMkvGTxu5Exy6myrQ"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7493

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 573ms
191ms Script
text/javascript 74.125.24.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 04:31:18 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2483
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 01 Apr 2023 06:31:18 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 2E2A 97 KB
27 KB 883ms
483ms Document
text/html 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

Resource Hash

38bf6598faa4b9c7c37f9e8005ea21f722b9517fbbe2b0689f9ca00ad309d47c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ghu+EK1UnsdCbVARn9eMUAMa3EeNGqtlxyJodnpLaJm1bkcDo4SbM4twmrz9sQG4MJ+BMtynrOjgBKA/OcSDtA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 656B 7 KB
8 KB 212ms
211ms Document
text/html 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 50
content-length: 7381
content-type: text/html
date: Sat, 01 Apr 2023 05:11:57 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 31 Mar 2023 15:21:45 GMT
server: AmazonS3
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id: vc64Qp71wr0zS7dpxSFoiWVIEcmI9nk7bCnu9AACe-1d21gq3rdmyA==
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: 4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 213ms
212ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:14 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 6
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: tH4uP7CO1ayRFDTF_112Wyi34ciTxXPycPhHiJR9XhzRz8aq9bsVnw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 238A 15 KB
16 KB 231ms
230ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 12
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: FecNmo3GUU-IEJ1DTb8inYxj4HEbrpGngS81hEdvTcgF23DTAB1Vgw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame FB39 15 KB
16 KB 256ms
256ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 12
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: 9Ignv4SRtKh9voH-JA0-jCxKXGUCAe5Q6U-3vCLJdqc9dzTJ7cvLvQ==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
117 KB 224ms
223ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

adfdffd27a3849c62169200dc83c9d8e535613e960adf14566f65ab109d9678b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119834
x-xss-protection: 0
server: cafe
etag: 5457128697396451250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 05:12:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame 8734 10 KB
5 KB 576ms
190ms Document
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 7872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 03:01:29 GMT
etag: 2378337311435320485
expires: Sat, 15 Apr 2023 03:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 199ms
198ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 01 Apr 2023 05:12:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42315
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WuF5pZtocRF8jBNcWNzSlvyU0LvY+Zk1kNi8mGuHr3JDDdgLIetJ7EJ+sYKEW42CFPCm1xyA1oc2GMg8YWOJKA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 052C 0
218 B 957ms
245ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 05:12:41 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 5173 332 B
482 B 6518ms
6302ms Document
text/html 34.95.67.231

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 05:12:47 GMT
referrer-policy: no-referrer

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 656B 5 KB
3 KB 298ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:41 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 656B
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

299ms
298ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 01 Apr 2023 05:12:41 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 656B 0
217 B 960ms
248ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
166 B 234ms
233ms Ping
text/plain 74.125.24.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je33t0&_p=1140901553&cid=466576723.1680325961&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680325961&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 238A 536 B
632 B 755ms
199ms Script
text/html 18.155.68.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-87.sin52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:03:06 GMT
content-encoding: gzip
via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: SIN52-P1
age: 575
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: JN1tDgL081tTmbfXvg4Pr8CKXRYeGMjpQ6h2gRbjz83YkXDbofm-dQ==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame FB39 606 B
647 B 732ms
200ms Script
text/html 18.155.68.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-87.sin52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:03:06 GMT
content-encoding: gzip
via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: SIN52-P1
age: 575
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: GLkESN1IGoY5ICQQLKt1mLFrTpJfwBce3WzZ7svU5kqev9qJOCZpOg==

GET
H2 200 Dr_Pradeep_Dr_Arika.jpg
mma.prnasia.com/media2/2045071/ 96 KB
97 KB 327ms
119ms Image
image/jpeg 104.16.252.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2045071/Dr_Pradeep_Dr_Arika.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.252.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e6308b7ee169eb29791819a3e85f47fc7517fa45afa6d031b147a0d5bae2b25e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status: HIT
age: 34889
x-powered-by: ASP.NET
server-timing: intid;desc=efcd6de5c39a4568
content-length: 98284
cf-bgj: h2pri
last-modified: Fri, 31 Mar 2023 19:31:11 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1
accept-ranges: bytes
cf-ray: 7b0e56aaf864a820-SYD
access-control-allow-headers: Content-Type
expires: Fri, 31 Mar 2023 19:31:12 GMT

GET
H2 200 1680269913-5ee6808f8b90abcba2439ba5842c4a5c-840x525.jpg
img.gbyhn.com.tw/2023/03/ 79 KB
80 KB 373ms
105ms Image
image/jpeg 172.67.150.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/03/1680269913-5ee6808f8b90abcba2439ba5842c4a5c-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b13cf50d039aa8a07ee03865eb8d18b5d9a026126454714d7934ecbc444effd9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81264
last-modified: Fri, 31 Mar 2023 13:38:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2Z2HA0K3EJauZXKcOUoNcDROmfahTQisif%2FSfOLCdau9xdJ1DaQaxtIA%2Fi1Lr7hIHYUpJA0o%2Bx%2FsDt3p6vhfrN1XToQb3gQwamre7AW0Kn0zWHJNKYdBSUPxzGtrh%2ByI%2FOE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b0e56ab5dea5581-SYD
expires: Fri, 07 Apr 2023 13:41:25 GMT

GET
H2 200 2021-%E7%8E%89%E5%B1%B1%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2021/02/ 75 KB
76 KB 757ms
247ms Image
image/webp 192.0.78.135
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2021/02/2021-%E7%8E%89%E5%B1%B1%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ed4a43e0f2d9c8c6f9f81f98134586752936ce086697ae39d5ff849df237ca75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 2.syd _atomic_bur BYPASS
content-length: 76986
x-nc: HIT bur 8
last-modified: Fri, 04 Feb 2022 06:55:42 GMT
server: nginx
etag: "351d22c20a1d2ac4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:55:42 GMT

GET
H2 200 2023032913521492.jpg
img.racingcharger.tw/wp-content/uploads/ 96 KB
96 KB 545ms
110ms Image
image/jpeg 172.67.178.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023032913521492.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db0e1f96890dfbbbfd8f552577cac8d05ad77a021d1b7a2d14da1e0ff02ee9a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 13:52:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2913
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nc92pHVldGArWMfuhPnBLDOonOUDkM7D7N%2BlRHIIXjy92Np4uyLR68xYluMRD0KT6t5I0MtL%2B3TrIUN2sI9qBQKUTeOCFfswkJmYc3lb1bu5eUJGPohF5Sm4jeNn6yyMhCy9Zb2Hqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7b0e56ac6b7ca962-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98176

GET
H2 200 %E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2023/03/ 41 KB
41 KB 628ms
100ms Image
image/jpeg 34.149.120.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/03/%E3%80%902023%E5%B9%B4-3_4-%E6%9C%88%E9%99%90%E6%99%82%E6%B4%BB%E5%8B%95%E3%80%91%E6%B4%BE%E7%B6%B2%E5%90%88%E7%B4%84%E5%AF%B5%E7%B2%89%E6%B4%BB%E5%8B%95-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.120.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.120.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 01 Apr 2023 05:12:41 GMT
expires: Sat, 30 Mar 2024 15:16:22 GMT
last-modified: Wed, 22 Mar 2023 14:17:42 GMT
server: nginx
etag: "641b0e06-a41c"
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 42012
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 194 KB
195 KB 308ms
101ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_3d9ddf04531043dcb39d78ecb7e101c5~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 07:41:49 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 1632652
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199163
wix-tracer: 2MwzD7yZ6LtbaBhyslbk5cABy1w
x-seen-by: image-manipulator-5fdcdfd696-hkqk2

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 829ms
228ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 621 KB
622 KB 298ms
98ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT syd 1
date: Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 08:56:02 GMT
server: nginx
etag: "a3380a855d512ea6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 636186
expires: Wed, 08 Jan 2025 20:56:02 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
401 B 299ms
299ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

23da6bca460f1bd205972b4ba6110fb6c31e2731b41cf59cdf756a629dd19903

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 191ms
190ms XHR
text/plain 74.125.24.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1140901553&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=2116098208&gjid=1552120203&cid=466576723.1680325961&tid=UA-102456694-1&_gid=1836387400.1680325961&_r=1&_slc=1&z=127882741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 191ms
190ms Image
image/gif 74.125.24.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1140901553&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MTczLjI0NS4yMDkuMTQx&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=466576723.1680325961&tid=UA-102456694-1&_gid=1836387400.1680325961&z=2123439524

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 03:47:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5087
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 197ms
197ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 01 Apr 2023 05:12:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: U0Q5iZqtsk3afvQzQGa/MXAcbdZx00uOIT56g5GJWetEhzOkSXjeKgr6wrfJ/tU4FI3O9ap7zIVdPsNHxMEB4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 656B 37 B
408 B 300ms
300ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1428e1bc09838ba1f051526c85ed869c50c04902807843084717a21cf830132e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 299ms
299ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=17c52f98-3b68-4d0a-89a5-c08001f24eed

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
462 B 197ms
192ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-9999486404371312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

7f05353baa3e2dfc0ef79f7482ac4cd6e8af100ac91d9e4f99acb7d481836d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
531 B 633ms
195ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 580ms
194ms Script
application/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 193ms
192ms Image
image/gif 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05E6 603 B
239 B 251ms
250ms Document
text/html 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1680325961&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680325960992&bpp=3&bdt=1324&idt=551&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6961527917306&frm=20&pv=2&ga_vid=466576723.1680325961&ga_sid=1680325962&ga_hid=1140901553&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31073378&oid=2&pvsid=663630694246745&tmod=1065103896&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=576

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:41 GMT
expires: Sat, 01 Apr 2023 05:12:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
348 B 576ms
192ms XHR
text/plain 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&gjid=1552120203&_gid=1836387400.1680325961&_u=IADAAEAAAAAAACAAI~&z=923066155

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
104 B 276ms
271ms Image
text/plain 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&rl=&if=false&ts=1680325961605&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1680325961604.1412548290&it=1680325961027&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 01 Apr 2023 05:12:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cTbBGs5I5HX.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ Frame 2E2A 20 KB
5 KB 595ms
197ms Stylesheet
text/css 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

4883c68c0f9c35d5c627c1c8e809b25d40dce3b0af37ac346c6587e8cd69920d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: N3D0ypMmq1H1d+3zpLnv1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5049
x-fb-rlafr: 0
x-fb-debug: ihQ11wiehAuVlcKyS5W0wtmiES/mrx5ZYAi4HPg4vt3C6qSaJ19DfNQ6dusjgnpYpdVAZHlyqJnD7C4IkikSRg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 17:34:43 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 2E2A 2 KB
1 KB 595ms
198ms Stylesheet
text/css 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: Jm7JzfUYWxV1pstMP6Qh/CJDsMd/5B4XjfgYWqSR7JFM4LkfZ+wC9vAggBCcSIdNkmcEnDKHp/2moWs4DgHXTg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 17 Mar 2024 22:12:36 GMT

GET
H2 200 XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 2E2A 33 KB
7 KB 631ms
234ms Stylesheet
text/css 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x1EIOauApyTRaW/nXejV3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6475
x-fb-rlafr: 0
x-fb-debug: orHCeP6sZ73YwI8O764tDrSmsMDhWTu1ftMDtR70qi6B/MpSAYC6p2Ugx16Ce8uzhCnMIUI3BFVDBgRhJA1suQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 17:42:14 GMT

GET
H2 200 slynO9X9Ave.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/ Frame 2E2A 18 KB
5 KB 595ms
198ms Stylesheet
text/css 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,cross/slynO9X9Ave.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

a79ad475bdce90530467569d41f8319aea76030c5a4a52b30da61e2cd1d4d95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Skj8CquJcAqvq7GvnFMiCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4754
x-fb-rlafr: 0
x-fb-debug: K9BsAZDem3194XrX9G+JMQfO5YLlCFpZQtuJ9oZsLLar1yJdL7Z/aIiK8gKHmOzfbgMI3Cgu1ldMTN9bPAI1zA==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 17:36:08 GMT

GET
H2 200 B3eazO-7VSi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 2E2A 300 KB
79 KB 1110ms
713ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

87bae036cec691ad5dae2492440a08fe7eb4efbea0999e1e0d04f31b09218afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3uvMDzNNpcr1XPHhWpBWXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81159
x-fb-rlafr: 0
x-fb-debug: uCov0fpAblUHSB+pwFFe4PYojh7f/MP0btZjkc6PkHsMIbYW4NVBw45klOSGAVjxZOPRiEptBz/HKQvhRjvVdA==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 23:15:09 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 300ms
300ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=17c52f98-3b68-4d0a-89a5-c08001f24eed

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net/ 0
79 B 375ms
297ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net/pixel?bd=17c52f98-3b68-4d0a-89a5-c08001f24eed&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:41 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 sN8pzo7zgao.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 2E2A 38 KB
12 KB 431ms
235ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/sN8pzo7zgao.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: A+MHdwa4tQA5oSoFTbkTkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12398
x-fb-rlafr: 0
x-fb-debug: VUI3AF555fzWdRyE3FZ5OH7WK0PqQE1+YleY5UMRNv61XA9efrwKPiL+Syr7gc2vnE6kWlETmAg/32PPhrYYfQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:11:46 GMT

GET
H2 200 x9ob8vCc1UZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2E2A 53 KB
16 KB 430ms
235ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/x9ob8vCc1UZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x5WYKAb4xvJQC2ZYjHeJ6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16693
x-fb-rlafr: 0
x-fb-debug: iPcOEcdvtFiPy237hRYI0mHyngn75Y7Zku2DFNiIiVH8pAfEn7Z5hoL/eOdvDOeJXzRJ7JR95P5/kud1BKbudQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 00:11:46 GMT

GET
H2 200 xdbAilr6t8l.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/ Frame 2E2A 36 KB
12 KB 429ms
234ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yN/l/en_GB/xdbAilr6t8l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

291ce914cec30326938e8ac7c3dfd589fd4b43aaabc4f3e9e0ca080451e5d8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZXwLLV9DghbhOLccK8FomQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11637
x-fb-rlafr: 0
x-fb-debug: UOxPSiBljqK4YmuNpj/LhOOnsVdErYzPmLI0/D0HVPgy0F59WdGw/eDKSd90RJwIB3SyFqVnZ2Ix8YD+XUyn8w==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 19:33:45 GMT

GET
H2 200 ojoHf9ItJgz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 2E2A 13 KB
5 KB 430ms
235ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/ojoHf9ItJgz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uEx2jrC6dV45WuFXvcdqqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4628
x-fb-rlafr: 0
x-fb-debug: AfsTEN00nuld6f61NVTnnQrRgAN/tY9AtkAr3+RtpcyqDabMOh5DWJX6AFk/vqHSOlFQHaZ6JD0kTwKXyM8cRg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 28 Mar 2024 15:52:24 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 2E2A 507 B
487 B 909ms
714ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: B4BMpDzMIqTrbnP2XK7ttXJjF80CjY4H0jorCDSFviPgbzL+ab3KezlWrsY0GgRRnmiT3vaSjWCHJ0EQKqIOXg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:46:07 GMT

GET
H2 200 9sOywqpYhAg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 2E2A 188 KB
54 KB 779ms
584ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/9sOywqpYhAg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

36852a83c051c63be0effce8c3d1cf9d2c9af7fde62fa4e6a544848abbb7d0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cSUPkLxW5ZD1LhGB8zSpoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 55503
x-fb-rlafr: 0
x-fb-debug: iYkqy3UOFhnkaT4EBX2UZ9DJrzFgaIvESJW38jyUVBo2rtFR5RIuoU2Pm1dBhXabyDeQwJ9v7BlAsJzpyvvDXg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 21:18:54 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2E2A 5 KB
2 KB 909ms
714ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: Lt6mXEMpxZRafbmAzQK6F0f5Stj1ho5H2sgwkWQG5o86EARyvBY1nzhN2SbkLnaH0GELsco1ZOZ23NGwm6Y3hQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:41:24 GMT

GET
H2 200 hIjOy7dOACs.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 2E2A 20 KB
6 KB 909ms
714ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/hIjOy7dOACs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

cbe3f8abaa9c986c3f25d246fea53f686a6086d15cc12cb2ac5e6c1e2940e436

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OhucS/ylDi7X8Jmr3OiEFw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5928
x-fb-rlafr: 0
x-fb-debug: TfGPlJBWE2Tb2Wv1/9eJvEXW2aphZOAKqgrw3cdfoRAOWrmu8GjJ7r7ArkGsYWQZbyOtmsDRZqRy36wRdXCXNw==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 17:34:43 GMT

GET
H2 200 UIbhq_otiob.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/ Frame 2E2A 70 KB
21 KB 910ms
715ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3oOhtKqZMFlIo76hdsg2Fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20902
x-fb-rlafr: 0
x-fb-debug: kZmaVwcrVLQvYXMmliOo4Oj9lxEmdgGpDQEl4Zbn6Kzz/1ig3QkNGCEt37p8B8nCUnBMuPuhS+VFFDAjRnRtNg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:43:53 GMT

GET
H2 200 Wtl6tMxz2hH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 2E2A 27 KB
9 KB 909ms
715ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8978
x-fb-rlafr: 0
x-fb-debug: uqf7SrEFgquIAhzwhellHcKYugI+eIe4lKvCZRcb2Yy0uWcYqvsu7n7VA77OlmteEm41yuF1sHzI0EHEYaHo7w==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:12:57 GMT

GET
H2 200 1_Vl38oy0lQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/ Frame 2E2A 327 KB
77 KB 910ms
716ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/yA/l/en_GB/1_Vl38oy0lQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

112a2742c1310aa69aeb3df0e402ea27ac342ce3c8db1d3850f53918af88fc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PLwFzLy5A7zWIWnHgsJZKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78442
x-fb-rlafr: 0
x-fb-debug: mshWOjWcUIplXj6ilhmoGPh/2wxLB+9Q91NOOGVzibtJjX6ufpkP4JRL6zvEQjbykkJkVkuvrQix/XbFZVvg9Q==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 19:46:57 GMT

GET
H2 200 dKGK0McILid.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/ Frame 2E2A 408 KB
96 KB 912ms
718ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yR/l/en_GB/dKGK0McILid.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FIDgkDHR2kp2eF9oVexZ8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98247
x-fb-rlafr: 0
x-fb-debug: kIO+y4N9aqHPohMGeQ7F+BEy334WaPj+vNzfTZfyOIFr1HNZvtC4NaOIythKIC0DG3nPKtI5vLcEQQCkcd/DKw==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 22 Mar 2024 04:39:43 GMT

GET
H2 200 lYejkzyV906.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 2E2A 723 B
580 B 912ms
718ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: naOE1m8tmTZ0fVAYNsTRiA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 387
x-fb-rlafr: 0
x-fb-debug: b6+uJE6fAzC8G2qsZK/mHj83z3ZvTSB9dTBaQ8KDfvH56lbg7ANmpfy+L2VMC63d3uVf4RdYzDT7MjKUPGDXmg==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 23 Mar 2024 01:33:22 GMT

GET
H2 200 i2lDptKz9Lv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 2E2A 11 KB
4 KB 909ms
715ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/i2lDptKz9Lv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

a78bd4eebe3bf86745ee9faff5d5927cd9fca6f69b074e586b66fba4df1d5684

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c5gK3vcR/7DKDWQlkSHChg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3817
x-fb-rlafr: 0
x-fb-debug: l+pYEaFfju8qgbPhvXdN1cvY3ViylYFEppBq0faO6dUTvnG3CwCrISnDcumD6egfbwDM9I/PwMj7MmamKjzKPQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 17:36:08 GMT

GET
H2 200 Y3wYBvmmno-.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 2E2A 27 KB
7 KB 912ms
718ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/Y3wYBvmmno-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

9899b870f85d5de6a82cb2d7b70afea5248f6854ee20ccdd2aab5a34c15d2a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UOpXoxg48CU6LSVbbXc53A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7110
x-fb-rlafr: 0
x-fb-debug: btHgWPgl/DMDJ9eUEUhFsZCHXCQqTThfEDuI3QGpLtweCFxg/jitPAohood+yJhvCAg5DRip8Cl8g6rx6rlZGQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:01:33 GMT

GET
H2 200 UN3_PbR-HJ4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 2E2A 21 KB
7 KB 912ms
719ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/UN3_PbR-HJ4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3uuABC/lnX9uyekO3Kn9bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7104
x-fb-rlafr: 0
x-fb-debug: nCcjrzJHjvocVyd832UmeIpjqsf3q2btxy5/TWh1IvAqndhxshTu6840fneXzkWQoipSRwXPoNzXLQKC9Zix+A==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 09:43:17 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 2E2A 2 KB
976 B 912ms
719ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: 5mswcbNCZkvSCaXdzsHI8kbpilIbNYUfh8lQeq8gWl3+yjjS3/xOfAjpXhEt/5hfxnRHj+eLxs9KCQyojh4+/g==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 20:46:06 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 2E2A 55 KB
15 KB 912ms
719ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: hMaRyRMCUZOMb/9Dmzq7Mj8OtU582aciQInVIPHdz1bb22ROv3LS8o1/j9QrDT+qbx2zBczMtBodMwrVUwMbwQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 19 Mar 2024 17:02:47 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/ Frame 2E2A 16 KB
17 KB 304ms
100ms Image
image/jpeg 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=tqs3xfZM5UkAX-5FGu0&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfB4iCg8gVCPDyt7tcmFBe_qqx4aAZ-c0_6CXpdZt7WXew&oe=642D4B85
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-syd2.fbcdn.net
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 1290236993
date: Sat, 01 Apr 2023 05:12:43 GMT
x-fb-trip-id: 1527350943
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2E2A 1 KB
1 KB 341ms
138ms Image
image/jpeg 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=oqGaVj6vO6EAX_Ru9d2&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBRfUyYWL7ZAIcgV3VjcKi5pSPqtseAbuBddn0xWQLOOQ&oe=642C0B15
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-syd2.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Sat, 01 Apr 2023 05:12:43 GMT
x-fb-trip-id: 1527350943
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 238A 2 KB
988 B 911ms
270ms Script
text/html 54.178.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=324&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cb71d4020387c1cb7d70bc49ae11783f47a1bf619bb60ddf93855ba73378e68f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 238A 3 KB
3 KB 203ms
202ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 55
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: mopY3AAhHkeKRnj1O16wDWpeKAhadorFgIYDaWVs708zvZ3AH11M5Q==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame FB39 2 KB
1002 B 895ms
255ms Script
text/html 54.178.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=693&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 30c1a1f1fc5c307021602584a7bfe5af655580484516b0f0bac662a2974ba8b7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:42 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame FB39 3 KB
3 KB 208ms
207ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 55
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: oXdjvyIrltrs3Z-ovqrd2MFDAE-FBnryC193KQSCGwJXd-odaDTQTg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame FB39 3 KB
3 KB 207ms
207ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date: Sat, 01 Apr 2023 05:12:01 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 41
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 2zsbhC8aIlo9H4oni5PTlGFsifqK9YINFAM6cnUfQQIugDs_epl1_A==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DD82 48 KB
27 KB 219ms
218ms Document
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

1380c84741adda7370ca6a12cdf5b945c5d09c3fdb22bb72de2140b1f1e69aa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JJfouij3Q_PjE1Bn9J8Y7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27125
content-security-policy: script-src 'report-sample' 'nonce-JJfouij3Q_PjE1Bn9J8Y7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 238A 5 KB
3 KB 297ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:42 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame FB39 5 KB
3 KB 298ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:42 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 238A 0
170 B 1072ms
357ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame FB39
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

2 B
169 B

231ms
231ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:43 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame FB39
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA

2 B
139 B

299ms
298ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:43 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=-ph_mpKZADaGwwK8S70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame FB39 0
171 B 1070ms
356ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
283 B 197ms
196ms Image
image/gif 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&_u=IADAAEAAAAAAACAAI~&z=1963549756

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 580ms
196ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=466576723.1680325961&jid=2116098208&_u=IADAAEAAAAAAACAAI~&z=1963549756

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame DD82 55 KB
24 KB 574ms
191ms Stylesheet
text/css 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:19:10 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame DD82 407 KB
163 KB 660ms
279ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166464
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:21:29 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 238A 36 B
399 B 299ms
299ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:42 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame FB39 10 KB
11 KB 216ms
216ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=693&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date: Sat, 01 Apr 2023 05:11:59 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 56
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 0iuDTL7FFTqDdlbMiJZfvJndgBltftmZTfoNki-ONGgk6qgE3QEcUg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 238A 10 KB
11 KB 224ms
223ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=324&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date: Sat, 01 Apr 2023 05:11:59 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 56
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: TL02UfJXljNopjh__i9gTqKRKjaPcfwXazsU5SZAwCM9c705n9o-zQ==

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 2E2A 573 B
625 B 197ms
196ms Image
image/png 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 1OhoGxQQSuEQieWAa7j+NRL1WFkJUqk3c0cpJMCDZBp7VL9EUXUoeysCqyQV8h3n1mi1JqUmLAwPd6JgsYN0FQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Mar 2024 19:40:33 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 2E2A 98 KB
23 KB 628ms
627ms XHR
application/x-javascript 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU14E9kbxS0oG3S0H8-0KU3mwkE5G0zE5W0HUvw4Jwp8ow46wbS1bwzwqo2Yw&__csr=&__req=1&__hs=19448.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=MODERATE&__rev=1007227415&__s=%3A%3Asqfnw0&__hsi=7216945049755256630&__comet_req=0&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

Resource Hash

0bf3b8bf5d162d75b078317a20d10ab6c4b9ba1b9d5347cb367d0cc28d1ef264

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: DPKl66TqxxyAGj8filaai3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 05:12:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XCN/m4av60CHbakzQTAbs63vmeI90XZYaqvhfdPBW40LPTjQua1lFJfVsxJMKED1KgDEUn7janCVe0D8sGONnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 2E2A 907 B
1 KB 420ms
419ms XHR
application/x-javascript 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

Resource Hash

4017c8e6cb5b33e0d5426a26acc7b6a143ab5604bfb40790b6f5f44972882110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: DPKl66TqxxyAGj8filaai3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 05:12:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 3NhBa+ll79H7PbAqNTxhzDShfDmM3HCqaPiocBtfFRaG0sNVRhQ7vpKBsbc2LbC2CocVZIDU+0yIbk+u5Hk8mA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 2E2A 907 B
646 B 424ms
424ms XHR
application/x-javascript 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/UIbhq_otiob.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

Resource Hash

c2cf5c25d11c6ec293d0208f89d3a9ae98afdbaece2d151c8db460f81f6d1629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: DPKl66TqxxyAGj8filaai3
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 01 Apr 2023 05:12:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 4XS9JM3a3M9/qY+0enIv/VdybuMshtuiosv/pTpFmz9XIfEvgHxE3TZixbNUKv6FB0fomDmwgVaQ6ImA07cHQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 2E2A 12 KB
12 KB 196ms
196ms Image
image/png 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: inETg14PYdddgBQs1cfgqTs7HtKbbW3LrAiYtdiUuJddvWq7ALyMdizCczjJev57Mxs3ApM/d2OTV/9Pph6PoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Mar 2024 22:19:32 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2E2A 1 KB
1 KB 208ms
207ms Image
image/png 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/cTbBGs5I5HX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: dajoDPLY2iyt85mnJmrx60L16il5cv/ZflcqvKK9BbAWLS0mHd4p8P+FtKJbMyQL1bKDWt0FsmcrywT7sh71SQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Mar 2024 00:30:39 GMT

GET
H2 200 dswQVshrjuE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 2E2A 343 KB
75 KB 197ms
196ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/dswQVshrjuE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5HlEAsuzMIHfgLYDxtxKvg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76386
x-fb-rlafr: 0
x-fb-debug: beJWfyFvCDVi00lT9RT+Me6JCrjFWR/QCfEko+gqbGgzaTdSNKMfeA6psLWvRd6YKCatzbuNF3MWgv912tkDvA==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Mar 2024 21:28:30 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2E2A 840 B
571 B 195ms
195ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: eaIW1qO3PRnbZePjGIWeHmY7/7Xtw3zbQDX9wWGidCK1XF0d6xuVaHunpY42fnQsiVuRxxs1+MF6oG6/eAibrw==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 21 Mar 2024 18:16:42 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DD82 2 KB
2 KB 192ms
192ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 01:17:30 GMT
x-content-type-options: nosniff
age: 100513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 01:17:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD82 15 KB
16 KB 575ms
191ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 326495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD82 15 KB
15 KB 623ms
239ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:57 GMT
x-content-type-options: nosniff
age: 326446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:57 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DD82 102 B
134 B 195ms
195ms Other
text/javascript 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

f5a955b844dcf924eada41dc4914ff2ed7b5d503380f45b216f6b7ca43aa2e85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=5iuneqe903lq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 05:12:43 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E533 7 KB
1 KB 209ms
199ms Document
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

19edd78ac137bab5143b6fce3d57467c5905674e29ae53e2d74b920e93cdfdef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K_ACMN7LISh9MDnW1cMCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1122
content-security-policy: script-src 'report-sample' 'nonce-K_ACMN7LISh9MDnW1cMCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 2E2A 198 B
254 B 200ms
199ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: mLn5tvcgPDeJmZ6WhoJu+QAs5PUQBOx+HJ8kceOa8IMVEUB0Ysh8b0t7DYBPVdYDpPl4XrDt/+4PCz/TYI6BDw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 18 Mar 2024 01:09:02 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame CC29 17 KB
17 KB 226ms
226ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date: Sat, 01 Apr 2023 05:12:36 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:30 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 8
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: pa2cV5Be43My4YPDjnhiUKwCRo9trBoNsHDchHl0xIurmomiYnd4fg==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 99A1 17 KB
17 KB 247ms
247ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: NmvnCETKmHaa44I3_nDmZEw6htrjAo1Z
date: Sat, 01 Apr 2023 05:12:36 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:30 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 8
x-amz-server-side-encryption: AES256
etag: "5f199ebe685ea58160019a49b75a72c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 16908
x-amz-cf-id: GNPUj7c-hcC0sonatMdEzAulHVteabGhdS329X3P3192F6NBo6xK4g==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E533 55 KB
24 KB 192ms
191ms Stylesheet
text/css 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:19:10 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame E533 407 KB
163 KB 202ms
202ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166464
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:21:29 GMT

GET /
www.facebook.com/login/ Frame 2E2A 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 2E2A 0
0 478ms
478ms Document
text/html 157.240.13.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-sin6.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 01 Apr 2023 05:12:44 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hivtLKnHJiQ50AiowAbmUGKryndPV5YXyF2ORy6bxtbX4xbOysq9lTbcTIRzl/eBInlasCHkDHQr9gKlThxH1g==
x-frame-options: DENY
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2E2A 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 UislPCXOWc0.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/ Frame 2E2A 19 KB
5 KB 200ms
200ms Stylesheet
text/css 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/UislPCXOWc0.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HlDm5uW9RcrMa0LFO+oNyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4558
x-fb-rlafr: 0
x-fb-debug: ZjA5PRG1HmwsVIUVTeIUmN/rDR7iHnn2JhwuoIluf/73bCSfaW6Tiw0fUKbWvXbZj/gmVcX1sRhKyujN6L2ryg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Thu, 28 Mar 2024 19:25:59 GMT

GET
H3 200 zTAcZgbV8nB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 2E2A 61 KB
16 KB 202ms
201ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NST0JUomaRRhKDzRtqfVoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16144
x-fb-rlafr: 0
x-fb-debug: jta3s8MFwP0FsA6DkAq965KgaVeR6EZNpskYhV7LvarlJHyLLhcbkOMJX64ckzL5v5aOR9xdWq1RTugQxkdwMw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 19:30:21 GMT

GET
H3 200 SV0HgmB8RsT.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/ Frame 2E2A 31 KB
9 KB 203ms
202ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y4/l/en_GB/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4KqTzccePH9IygV28VQtgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9053
x-fb-rlafr: 0
x-fb-debug: FjHQE+rA/eWulryW/cz0m4gb0+YFJ+DKb8NEuVkS7rkEkTFonIAZ9oPn6XRueavFElJc7GggpaOjTkuifxvCFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 21 Mar 2024 19:22:30 GMT

GET
H3 200 V8jK12UmQ6C.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2E2A 3 KB
1 KB 203ms
203ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G94KxmId/Gs6bmpfm04/RQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1248
x-fb-rlafr: 0
x-fb-debug: 3WqP3lfb93zuO9cZ4XN5jTyISy0UfZ8C+y0yDRd5pA+o/hNLnBFG1/XWBGcJAGnV/CblduTQPAP2aTOEvUsF8w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 18:53:46 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 2E2A 25 KB
10 KB 399ms
399ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/B3eazO-7VSi.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: AL4mOcSvrCMDE1sYcL1NwgalO1H5NBDndWDKChpfD4Kyu3urxib0gz5rtHDoAt56nYVFP3en6FCUkDW03FP4Pw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Mar 2024 17:23:31 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame EF77 7 KB
8 KB 213ms
212ms Document
text/html 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 53
content-length: 7381
content-type: text/html
date: Sat, 01 Apr 2023 05:11:57 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 31 Mar 2023 15:21:45 GMT
server: AmazonS3
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id: XPUviUpKT45hHI8NhBwnLZCZV3KNZYrL-PzYgRSxztA-TUUKZ_nkNw==
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: 4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame CC29 662 B
1 KB 196ms
195ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:14 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 9
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Or1lC3TAWSMWUCR9OTn50R3gM9RyOcgqgTIU9mWpksL2i2UyPY9tqw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame AEA8 15 KB
16 KB 238ms
238ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 15
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: jeaPGC_5aGt_-w7jeUvVHmGRHSmWfvD3EV9MWOu-iyH4n-j5ViK1Mw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 881C 7 KB
8 KB 224ms
224ms Document
text/html 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 53
content-length: 7381
content-type: text/html
date: Sat, 01 Apr 2023 05:11:57 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 31 Mar 2023 15:21:45 GMT
server: AmazonS3
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
x-amz-cf-id: hmbY6lOAlodE3ql0otsMLxWlu4usclp6PBPTxovWZs_CAtY0XVPn3g==
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: 4BhfENuGUTP_rjuxb32PLd6Fa6sNMJ1C
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 99A1 662 B
1 KB 209ms
209ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: RT47g4fp1acSBH2K._w2Z6.lk4UvPqm6
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:14 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 9
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: E7ZIzPP7RfXAmRyJbebM9wLPGE_8m64_bXZFWh4HcN9Lf6shwLinjQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 4687 15 KB
16 KB 250ms
249ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: qiPqCGDTpGddpaFLW1o7mHS6b8EM0L6n
date: Sat, 01 Apr 2023 05:12:40 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 15
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: DmbljbY44q4VZ_01tNJI48PChF-3y3bSOetiadBX6crLucHyKIRJpQ==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E533 41 KB
25 KB 278ms
277ms XHR
application/json 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

de0f76c32a759f08ed51bd8d1d9a13a3df2174d3a6e3e2cb8959978c12e8fbdc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25562
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 05:12:44 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 677F 0
217 B 254ms
251ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame 54A7 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame EF77 5 KB
3 KB 300ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:44 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame EF77 0
217 B 249ms
246ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame EF77 0
15 B 1197ms
1195ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame EF77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1

0
166 B

736ms
528ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
x-guploader-uploadid: ADPycdvyv0OJfOGtzYI1_uJX_hTGbpD7Uf-l-lLtssrkB_tjQae5EqLArakbhRzLIYU2TtrvMAIYa0j7TbCjis8u_EpOXhmqxMq7
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 01 Apr 2023 06:12:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEH5XCMJEuOrKXHRWEGnjqm8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame AEA8 1 KB
754 B 201ms
200ms Script
text/html 18.155.68.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-87.sin52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:03:08 GMT
content-encoding: gzip
via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: SIN52-P1
age: 576
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: XjTQ18jFQFnTyaS6xlwlTIYI0WPXbWZ6YxKjovIkyAbP6E25PW-j7w==

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 881C 0
217 B 247ms
247ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame 881C 0
15 B 1209ms
1209ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame D1D5 0
217 B 250ms
250ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame DB9F 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 881C 5 KB
3 KB 297ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:44 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame 881C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1

0
478 B

428ms
220ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
x-guploader-uploadid: ADPycdu1iDJbV6EZhcRFAv1OJ0cKglmCzTDfsb8OWbAVx_7aUXInrsVSYE6NqtsUgvYobUumKy70Fkd4f8_3_6B0E8ADgSk1cvEx
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 01 Apr 2023 06:12:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&uu_m=undefined&google_gid=CAESEPbGHN1-hmRtW74qIdKXrqY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 4687 1 KB
735 B 202ms
201ms Script
text/html 18.155.68.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-87.sin52.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:06:27 GMT
content-encoding: gzip
via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: SIN52-P1
age: 377
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 5Up-e1qqmKvWIZ68jTBq1scSdW8l91OhHaizYHwnFoXLt8b1py4AxA==

GET 305964663_450890893727816_1742559653774706626_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 2E2A 0
0

GET 14069597498329024862
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A 0
0

GET 18029814871319172731
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A 0
0

GET 287068195877952849
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A 0
0

GET 16052937817076775126
external-syd2-1.xx.fbcdn.net/emg1/v/t13/ Frame 2E2A 0
0

GET 329368516_23853272234120247_7641927853592911745_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t45.1600-4/ Frame 2E2A 0
0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame AEA8 2 KB
1 KB 261ms
259ms Script
text/html 54.178.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=229&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7ef0b9c1b9c093c44236e49464706283a2e23346ea87edb2fa28e6ef2012137e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame AEA8 3 KB
3 KB 202ms
200ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 58
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: CZ6jT-zkn6AjnesEZdqIpuoUWFQ7Fg0Z4KY2UElbIAKbOoWRywtsXg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame AEA8 121 KB
40 KB 1030ms
629ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:12:44 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame AEA8 2 KB
3 KB 213ms
211ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: zH92yqyQP3KTRxmSaYv8d2bGTxlSuzA4
date: Sat, 01 Apr 2023 05:12:11 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 37
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: L1NRMV61V4JEdpSNrY2MWOonWZihbcchGdlLWkO-QXiITbpoT3Ml_w==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame AEA8 4 KB
5 KB 213ms
211ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ALN8MvSay3AX.v5cAQSvQaRj89Lr5LNQ
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 55
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: lRlMvVGvX7IMX_7_bpLmpwHB_7vlbQXRY1v8krrPWJnPCO7HUwe74Q==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame AEA8 3 KB
3 KB 207ms
206ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date: Sat, 01 Apr 2023 05:12:01 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 44
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: RbyhE_LRSgZEw-7M9ATfEwgsub2Mt5O1ayEwMuiWbTVvsg_jpK5ZpA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame AEA8 6 KB
7 KB 213ms
211ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 9F8R2klc4rFPN_PdXlX_ozo26SvPPGR3
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:21 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 57
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: xTVozAWaopNnogi_ifhxiVuX_BGV59pzzy6eQ85q70spNs1e6HboKg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 4687 2 KB
1 KB 272ms
269ms Script
text/html 54.178.144.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=464&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.178.144.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-144-59.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 827f7bf182a3494943ece65a35c8267677935e0e35dabe002974ef5c7730873c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 4687 3 KB
3 KB 202ms
199ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wZkRmrxS7AFmMQdw8xTuiDflqCV6fwem
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 58
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 1diW5nKdTYqn8fOwxfhhFZ5-ngtpQBLd5FesBUrath_lnmaQeA8uBg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 4687 121 KB
40 KB 566ms
214ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Apr 2023 05:12:44 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 4687 2 KB
3 KB 208ms
206ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: zH92yqyQP3KTRxmSaYv8d2bGTxlSuzA4
date: Sat, 01 Apr 2023 05:12:11 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 37
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: RcvkE2r4hBdkiDwCiXSVG48yqeZfNEoWDHX9pYQkVzArX5Z83WzWIg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 4687 4 KB
5 KB 217ms
215ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ALN8MvSay3AX.v5cAQSvQaRj89Lr5LNQ
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 55
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: vFOMIfNJcmF_izbvzeW7SaNZrEsB3DTB0I1JrX03Q5mmuvhbb12o5w==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 4687 3 KB
3 KB 222ms
220ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: PKLNBg42CeVg.VDXi3AZLFhPiGQZ2WdG
date: Sat, 01 Apr 2023 05:12:01 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:38 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 44
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 3y6p19rCFd453h9Mx1H9MYe9lGRLod-uP4sR7DyKRczl0KtSeJeMNA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 4687 6 KB
7 KB 236ms
234ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 9F8R2klc4rFPN_PdXlX_ozo26SvPPGR3
date: Sat, 01 Apr 2023 05:11:58 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:21:21 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 57
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: VqB2AiOldA-aGUgqOf0FrOD9IUwYr42S5xO2MsVieEGBBP7-a2kJfA==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533 600 B
624 B 192ms
192ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:06:59 GMT
x-content-type-options: nosniff
age: 201945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Apr 2023 21:06:59 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533 530 B
554 B 194ms
191ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 06:17:05 GMT
x-content-type-options: nosniff
age: 168939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Apr 2023 06:17:05 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E533 665 B
689 B 195ms
192ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 20:54:14 GMT
x-content-type-options: nosniff
age: 29910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Apr 2023 20:54:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533 15 KB
15 KB 195ms
191ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 326496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533 15 KB
15 KB 270ms
266ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:41:06 GMT
x-content-type-options: nosniff
age: 325898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:41:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E533 15 KB
15 KB 232ms
229ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:57 GMT
x-content-type-options: nosniff
age: 326447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:57 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E533 27 KB
27 KB 198ms
197ms Image
image/jpeg 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AKH6MRGcSGccjqJJ6qJ7xT1nmMezZ0CMRc6fnn6RwItYZPdp_P1kbiKzaya3ysvbUt3ESNzPzU73KPHDlQnR6qkHkVXmdFLegqOuDfPM-7AasyMR8KHL3KsqhsUw05LWmLWZvTy5nKDqZ6Qa9gmSX2ur85owVg-1LTt88RZorXBbII_dBZkuuzZ5bszpY0XA_bOTlZZy8EchyN8qCT9MBsx0dr99nXXHVA&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

b081359c6ae16e5b951869b78fd34165c020a807caaf12df15736decb8773b36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27683
x-xss-protection: 1; mode=block
expires: Sat, 01 Apr 2023 05:12:44 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame EF77 36 B
406 B 299ms
299ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 881C 36 B
406 B 300ms
299ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame AEA8 5 KB
3 KB 298ms
298ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:44 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame AEA8 0
170 B 356ms
356ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:44 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame AEA8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

2 B
20 B

233ms
233ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame AEA8 2 KB
2 KB 1236ms
302ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9592678084873443
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a63192a898c467f93de06f79c64eabd79b4b26fe8b8f7bb14dfee19d0a5a8f3f

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Apr 2023 05:12:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1472

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame AEA8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

2 B
20 B

233ms
233ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4687 5 KB
3 KB 298ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 01 Apr 2023 05:22:44 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4687 0
170 B 356ms
356ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 01 Apr 2023 05:12:44 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame AEA8 10 KB
11 KB 213ms
212ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=229&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date: Sat, 01 Apr 2023 05:11:59 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 58
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: yrI_0EP1_th3e50fXeAaodvpD-E6QNRgSLsTYke0dmS8nmh3KONd3A==

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 4687 2 KB
2 KB 1294ms
325ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.20285828769943315
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b4210e08bd690da4fc764928b6750d37bd6110f3aaee764058a960a44760ad60

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 01 Apr 2023 05:13:12 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1469

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4687
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

2 B
20 B

231ms
231ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4687
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA

2 B
20 B

232ms
231ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 01 Apr 2023 05:12:44 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=W-Rnlq8aBvWIUYPQS70nZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 4687 10 KB
11 KB 212ms
212ms Script
application/javascript 13.227.254.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc%2Fmain%2Fen&n=464&o=1&fc=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&d=1&b=2&ts=1&ii=2&FPCK=7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR&fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-48.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: TEiUgy_6oU8A9GzAEdY745kcECYdffgo
date: Sat, 01 Apr 2023 05:11:59 GMT
via: 1.1 0ebc10def77a5b11a9b58ccbe655bf62.cloudfront.net (CloudFront)
last-modified: Fri, 31 Mar 2023 15:20:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 58
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: j1qosLIhPH66iRnhG_-vU96WwV-vHLH_2DlaOoQWsLWokXp6iZZu2Q==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame EF77 0
194 B 304ms
303ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&mp=608209f0-4c1f-4fe7-9267-79c1c21f8079

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/ Frame EF77 0
79 B 410ms
298ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/pixel?bd=608209f0-4c1f-4fe7-9267-79c1c21f8079&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/ Frame 881C 0
79 B 388ms
298ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net/pixel?bd=608209f0-4c1f-4fe7-9267-79c1c21f8079&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 881C 0
194 B 300ms
300ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe&mp=608209f0-4c1f-4fe7-9267-79c1c21f8079

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4687 142 B
404 B 634ms
241ms XHR
application/json 182.161.73.145

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=68103749924

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e4a19c48cde63c5e0f603328e87fc67b2289b9157120b26fcf52fccf1793ab2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 01 Apr 2023 05:12:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 141

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C6C9 76 KB
27 KB 228ms
223ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

sffe /

Resource Hash

41b93f51026119be7600223167a1d83b512e40ff2a76e5005e9a25f9b38f2d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27205
x-xss-protection: 0
server: sffe
etag: "1528 / 733 of 1000 / last-modified: 1680300463"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 01 Apr 2023 05:12:45 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame AEA8 142 B
404 B 456ms
247ms XHR
application/json 182.161.73.145

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=13528245064

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

66ae2c43f2d4b20be42141922a5a9d1ab80c2303a35f56b81eadf5af64f2c94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 142

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BE37 76 KB
27 KB 265ms
264ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

sffe /

Resource Hash

28262860c6d2ac87b966e50a39e624aee4b80527e4de39aa81e617b57fe0aa46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27206
x-xss-protection: 0
server: sffe
etag: "1528 / 490 of 1000 / last-modified: 1680300336"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 01 Apr 2023 05:12:45 GMT

GET
H2 200 pubads_impl_2023033001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C6C9 397 KB
134 KB 192ms
192ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

sffe /

Resource Hash

5274d8f4dbd155adc7ab1035ca15e55b18cc4ff946ac3134c8fb0aea6f81262d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 10:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136582
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 08:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Mar 2024 10:55:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C6C9 142 B
113 B 577ms
193ms XHR
application/json 172.217.194.155

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88
x-xss-protection: 0
expires: Sat, 01 Apr 2023 05:12:46 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 4687 0
209 B 196ms
195ms Ping
text/plain 182.161.73.145

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame AEA8 0
209 B 196ms
195ms Ping
text/plain 182.161.73.145

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 01 Apr 2023 05:12:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pubads_impl_2023032801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BE37 397 KB
134 KB 324ms
323ms Script
text/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

sffe /

Resource Hash

95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 14:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136767
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:36:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Mar 2024 14:20:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame BE37 142 B
113 B 412ms
198ms XHR
application/json 172.217.194.155

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88
x-xss-protection: 0
expires: Sat, 01 Apr 2023 05:12:46 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 193ms
193ms Ping
text/plain 74.125.24.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je33t0&_p=1140901553&cid=466576723.1680325961&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1680325961&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Fen&dt=URL%20Shortener%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Apr 2023 05:12:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ Frame C6C9 107 B
165 B 198ms
197ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C6C9 107 B
165 B 203ms
201ms Script
application/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C6C9 55 KB
13 KB 751ms
750ms XHR
text/plain 172.217.194.155

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2083120833534823&correlator=962228985069247&eid=31073289%2C31073537&output=ldjh&gdfp_req=1&vrg=2023033001&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13861&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4072839793&sfv=1-0-40&sc=1&cookie=ID%3D4bf9823df80ec08b-225f9a72e7dc0071%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q&gpic=UID%3D00000a3af167662b%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA&abxe=1&dt=1680325966313&lmt=1680325966&dlt=1680325965385&idt=841&adxs=935&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=dlmw5s5578js&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ref=https%3A%2F%2Freurl.cc%2Fmain%2Fen&top=https%3A%2F%2Freurl.cc%2Fmain%2Fen&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=466576723.1680325961&ga_sid=1680325966&ga_hid=1711516538&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8808e8c9dd41367071faeb8cc8ec77c25df64c76f9397bcda49d75bea39d9ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12881
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C6C9 15 KB
11 KB 203ms
201ms XHR
application/json 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023033001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

25e87120f92b394d95c7890efffe9951c0f3afefd6144d2d65f98561d288c6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11232
x-xss-protection: 0

GET
H2 200 container.html Show response
4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 441A 6 KB
3 KB 586ms
193ms Document
text/html 74.125.130.132

General

Check archive.org

Show headers Download Go to

Full URL

https://4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:46 GMT
expires: Sun, 31 Mar 2024 05:12:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ Frame BE37 107 B
165 B 195ms
193ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE37 107 B
165 B 195ms
194ms Script
application/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BE37 56 KB
13 KB 897ms
897ms XHR
text/plain 172.217.194.155

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167766935307239&correlator=318063667565056&eid=31072028%2C31072879%2C31073459%2C44785729&output=ldjh&gdfp_req=1&vrg=2023032801&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13859&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4136938775&sfv=1-0-40&sc=1&cookie=ID%3D4bf9823df80ec08b-225f9a72e7dc0071%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q&gpic=UID%3D00000a3af167662b%3AT%3D1680325961%3ART%3D1680325961%3AS%3DALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA&abxe=1&dt=1680325966395&lmt=1680325966&dlt=1680325965445&idt=921&adxs=365&adys=973&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=sxn3qfyont3w&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2Fmain%2Fen&ref=https%3A%2F%2Freurl.cc%2Fmain%2Fen&top=https%3A%2F%2Freurl.cc%2Fmain%2Fen&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=466576723.1680325961&ga_sid=1680325966&ga_hid=452716224&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

455adbe6cc44d26a290239ed14278ad2de68c2773725e5796f37e84aa9d12301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13264
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BE37 14 KB
11 KB 204ms
203ms XHR
application/json 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

507766029743850514f4dca1fca869a989d78a2d5b4b529f6ac27e540d6c9d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11194
x-xss-protection: 0

GET
H2 200 container.html Show response
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6271 6 KB
3 KB 583ms
194ms Document
text/html 74.125.130.132

General

Check archive.org

Show headers Download Go to

Full URL

https://c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:46 GMT
expires: Sun, 31 Mar 2024 05:12:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C6C9 17 KB
7 KB 578ms
193ms Script
text/javascript 74.125.68.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 05:12:47 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BE37 17 KB
6 KB 512ms
209ms Script
text/javascript 74.125.68.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Apr 2023 05:12:47 GMT

GET
H2 200 amp4ads-v0.mjs
cdn.ampproject.org/rtv/012303151529000/ Frame 2E4C 74 KB
0 582ms
193ms Script
text/javascript 142.251.12.132

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Mar 2023 17:09:18 GMT
age: 389009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61771
x-xss-protection: 0
server: sffe
etag: "ec0c62706e34eb3f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Mar 2024 17:09:18 GMT

GET amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C 0
0

GET amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C 0
0

GET amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C 0
0

GET amp-form-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 2E4C 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 2E4C 6 KB
742 B 581ms
195ms Stylesheet
text/css 172.253.118.95

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023033001.js?cb=31073537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Apr 2023 05:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 04:28:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Apr 2023 05:12:47 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E4C 3 KB
3 KB 195ms
194ms Image
image/png 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 2704
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sun, 02 Apr 2023 04:27:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2E4C 344 B
587 B 193ms
191ms Image
image/png 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 05:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 84252
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 01 Apr 2023 05:48:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E4C 0
0 237ms
236ms Image
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpZRaIKQ1p2q6aHCty54LVyMaQzIAs_hDEPHfbberbfUFBaEwXAYGv_nqNReVkFhiAVSapCFQVJIOgRIg0CqaI-6IXvQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E4C 0
0 203ms
202ms Image
text/html 172.217.194.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgjmtTr0nZLn3G-SUmsMP1_mz0ASL_KDob9Ou-om6EZaLtuKdORABINLMgRpgpYCAgJABoAHZxLXOAsgBCakCuUWLu4Jupj7gAgCoAwHIAwqqBN8BT9ADW5JF3V5O8nM4oUlO9lwRfJZ4rX7unSYCC_SGG6hwJBpjTW2bsRRq04IjzLZY_ZIljkmuGWhVbxzGgj8_4K73oiNk0OG-hljQmKHS55N5qzZNUJH85CraigJ5MaQVJ4LKEfmssqCmUGv6fNFXtHLqgvpslaHG1rsz11GKxGmI7E09_YqPiUoxDtopp3jlQxmv8MvHoCGwFux332qiTuPmrr9MWJQ_b3Jujv7MFH_0kQeg67kh_BYx6LKspmlnzffbY9xZSx_La9BSlI1GYfKd_Zb5NayVxA243AIbKMAE7Lbc46kE4AQBoAYugAePu8qxAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEObREtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbgT5APYEwOIFAbQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=NOPasLrllp4&uach_m=[UACH]&cid=CAQSOwDUE5ymj8vHlN5N36JRbra2-gOYRbpTJclKocRI_mT-8f-soVpS8qFzA5zRcEH0um1yPuMgn09_XKRGGAE&template_id=484
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.155 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/45170812819367333/ Frame 2E4C 50 KB
50 KB 233ms
233ms Image
image/jpeg 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/45170812819367333/2076313506083323656

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

585342b8b59bca46bc11cc2326c1c705774fcbfb6f7f559fbc3c380dd1c0c155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 04:20:15 GMT
x-content-type-options: nosniff
age: 175952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51441
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 06:42:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Mar 2024 04:20:15 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10693318534524495940/ Frame 2E4C 5 KB
5 KB 218ms
218ms Image
image/jpeg 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10693318534524495940/14763004658117789537?w=100&h=100

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

741ff11da7ecc7af5f555ef8eb13bb520f9a3069ac1b4f45347770cd39f0ed7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 07:10:56 GMT
x-content-type-options: nosniff
age: 252111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4806
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:18:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 07:10:56 GMT

GET
DATA 200
OK truncated
/ Frame 2E4C 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e20ca598957caa203fcfe3739b93ff3c000bcacd662eb20c120c24bc52abeaa2

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2E4C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 899ee5affa25e4ac40a35355a1ad8098b1f52a1023c37752bb0cfd18f51222ee

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 757D 13 KB
5 KB 387ms
386ms Document
text/html 74.125.68.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 355334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 02:30:33 GMT
expires: Wed, 27 Mar 2024 02:30:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E85D 783 B
535 B 202ms
201ms Document
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

d685304b9378321ae50ae48e05f5a9e6c24bc29e9d410bef18b581aa07159391

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BFi1x8JniXALNoN4TMEDkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-BFi1x8JniXALNoN4TMEDkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:47 GMT
expires: Sat, 01 Apr 2023 05:12:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 912C 13 KB
5 KB 372ms
370ms Document
text/html 74.125.68.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 355334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 02:30:33 GMT
expires: Wed, 27 Mar 2024 02:30:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29C7 783 B
538 B 202ms
201ms Document
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f147.1e100.net

Software

GSE /

Resource Hash

364575d8b287caeedb0bd9784c09be7197546e19536803bffa3d53cc47b2d03f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6jrjjjP3X6_KykV029KRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-6jrjjjP3X6_KykV029KRIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 05:12:47 GMT
expires: Sat, 01 Apr 2023 05:12:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET amp4ads-v0.mjs
cdn.ampproject.org/rtv/012303151529000/ Frame 0D3B 0
0

GET amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B 0
0

GET amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B 0
0

GET amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B 0
0

GET amp-form-0.1.mjs
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 0D3B 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 0D3B 4 KB
1 KB 337ms
194ms Stylesheet
text/css 172.253.118.95

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Apr 2023 05:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 04:19:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Apr 2023 05:12:47 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D3B 3 KB
3 KB 220ms
219ms Image
image/png 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 04:27:43 GMT
x-content-type-options: nosniff
server: cafe
age: 2704
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sun, 02 Apr 2023 04:27:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D3B 344 B
402 B 226ms
225ms Image
image/png 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 05:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 84252
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 01 Apr 2023 05:48:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D3B 0
0 240ms
240ms Image
text/html 142.251.10.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyGGz2cbmX446ArfvG2xN0s_IRJiGwltJNcZiOieTXHRYGT36Bx5etn4Zanvie63Oa02wTQeiDST8MVFiXQzNPKuCNGw
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0D3B 0
0 204ms
203ms Image
text/html 172.217.194.155

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChLbNTr0nZM6BIYjOmsMPj_eTuA-L_KDob9Ou-om6EZaLtuKdORABINLMgRpgpYCAgJABoAHZxLXOAsgBCakCuUWLu4Jupj7gAgCoAwHIAwqqBN8BT9CXeIkooGxU5C2FLHlPh4USsiYoDf8i0di88YsbMB-BGmNM81mDEVHsvPWgrb9hxsrD2ttuRv4QMGTyYOBsOhTCQR6pbxl6ywIvTVuG9FULRHpHK1MMOb3zXZiYF0N0wj_qjRzQcuyY88x0sClOdQMG7cUuvV1HAOtvVRZtD4_pOx4EoniTkk-1EohV6a56abMTGfYagmohqJbpfFaeyCLTAvmpxei2bHeAhiMWKgfX94R3CiBPx0sU8mmWZYHkrKi-evVY1F3-xGSD6vwFWBAhsYw_d-SVBJaMLftzDcAE7Lbc46kE4AQBoAYugAePu8qxAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIPJEtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTA4gUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=SR2VDygHW9w&uach_m=[UACH]&cid=CAQSOwDUE5ymgWbtCZmvp7yoiVVHG6UgfMpHAIMKabPdoO6HJi9bbSMSY0ceCzyiOEFRhTqp4c0XmzQJ71DrGAE&template_id=5000
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.155 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/45170812819367333/ Frame 0D3B 26 KB
26 KB 227ms
227ms Image
image/jpeg 74.125.68.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/45170812819367333/14763004658117789537?w=400&h=209

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

706bc00dab6e0c9be8775266f9ed7cc2e60b239f757eb80039f052ca34acc7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 05:12:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26201
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 06:42:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Mar 2024 05:12:47 GMT

GET
DATA 200
OK truncated
/ Frame 0D3B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0D3B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adaac4596a1bdebf9f7b1d43eceef666c69f9f2c99306639e63949fb2ad487cf

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E85D 0
0 196ms
196ms Image
text/html 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023033001&jk=2083120833534823&rc=05AJrWKeW7aL_SE2MW-ZUMNmDBiEZa5DIrifDwyuDQqU8PiNNJ9JrKf9GbYAFQk45lAdp0BsCDtA_oaLRddk44DjrVwmqz1bmz_qEO1z9B-YUrxkizfdGZX_gezzBaij5dgNNmUe1Zpl51Jy5e1CGcTY5NbjHrkNNa37wrVwC6epgthfLOjaojjcKmWA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29C7 0
0 196ms
195ms Image
text/html 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032801&jk=167766935307239&rc=05AJrWKeW7aL_SE2MW-ZUMNmDBiEZa5DIrifDwyuDQqU8PiNNJ9JrKf9GbYAFQk45lAdp0BsCDtA_oaLRddk44DjrVwmqz1bmz_qEO1z9B-YUrxkizfdGZX_gezzBaij5dgNNmUe1Zpl51Jy5e1CGcTY5NbjHrkNNa37wrVwC6epgthfLOjaojjcKmWA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
pagead2.googlesyndication.com/bg/ Frame 757D 36 KB
14 KB 191ms
191ms Script
text/javascript 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 11:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14139
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 11:45:30 GMT

GET hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
pagead2.googlesyndication.com/bg/ Frame 912C 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D3B 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D3B 0
0

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E4C 0
0

GET KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E4C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: scontent-syd2-1.xx.fbcdn.net
URL: https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=oqGaVj6vO6EAX_Ru9d2&_nc_ht=scontent-syd2-1.xx&oh=00_AfDPbNNTQK1gCDKn9MTSE9qjEq3vzWnEao_SSFvVMKNJ-w&oe=642C0B15

Domain: external-syd2-1.xx.fbcdn.net
URL: https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/14069597498329024862?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2019%2F12%2F%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbEEhY0y3XmIT9SxUvZqOBvrXwc_C4-5KCL84ze_Yo9tbw&oe=64296FE6&_nc_sid=698a6b

Domain: external-syd2-1.xx.fbcdn.net
URL: https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/18029814871319172731?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2021%2F02%2F2021-%E6%98%9F%E5%B1%95%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbHA4sQv3aVnwPwSJUabAD4AfuZ4gpntel2jsL3h6K30Tw&oe=64294DDD&_nc_sid=698a6b

Domain: external-syd2-1.xx.fbcdn.net
URL: https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/287068195877952849?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F01%2F2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGSsVkHrlSeYgsrpd-Wur6JezNlOoLYN3PmgDKVIZy7GQ&oe=6429745E&_nc_sid=698a6b

Domain: external-syd2-1.xx.fbcdn.net
URL: https://external-syd2-1.xx.fbcdn.net/emg1/v/t13/16052937817076775126?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F02%2F%E5%AF%8C%E9%82%A6-Costco-%E8%81%AF%E5%90%8D%E5%8D%A1%E4%BB%8B%E7%B4%B9.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbHrWwF_22XEQAK3oU-zGOvfrCgbCZ7zP6yirhIiNY5vmw&oe=6429352D&_nc_sid=698a6b

Domain: scontent-syd2-1.xx.fbcdn.net
URL: https://scontent-syd2-1.xx.fbcdn.net/v/t45.1600-4/329368516_23853272234120247_7641927853592911745_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=100&ccb=1-7&_nc_sid=67cdda&_nc_ohc=ub-7wQPo6XYAX89NHal&_nc_ht=scontent-syd2-1.xx&oh=00_AfA1lvF1F5yt4YvECR-tshsmrukaSVMKge2QLGhmpEn8tg&oe=642D095C

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-exit-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-analytics-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-fit-text-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-form-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-exit-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-analytics-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-fit-text-0.1.mjs

Domain: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/v0/amp-form-0.1.mjs

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:04:37	Name: _GRECAPTCHA Value: 09AJrWKeWoIbvCVJooemxl1eXl3xcnd0nlevz3XJhptISK1Dw-e5OHCEEHaQxv2_F0m2c0HRGjy3-D8XOAtuqumWA
reurl.cc/	1970-01-20 19:31:01	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b26c866a832a7923ff820209705212d533c5d8dc343276d827940e610de7767242e06e59953ffef00d0dd2f64fb826ac1c15c26d74dc1c239677a5d8a754271
reurl.cc/	1970-01-20 19:31:01	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b26c866a832a7923ff820209705212d533c5d8dc343276d827940e610de7767242e06e59953ffef00d0dd2f64fb826ac1c15c26d74dc1c239677a5d8a754271
reurl.cc/	1970-01-20 19:31:01	Name: lang Value: en
.reurl.cc/	1970-01-20 20:21:25	Name: _ga_N394QBRGC0 Value: GS1.1.1680325961.1.0.1680325961.0.0.0
.reurl.cc/	1970-01-20 20:21:25	Name: _ga Value: GA1.2.466576723.1680325961
.reurl.cc/	1970-01-20 10:46:52	Name: _gid Value: GA1.2.1836387400.1680325961
.reurl.cc/	1970-01-20 10:45:26	Name: _gat Value: 1
.prnasia.com/	1970-01-20 10:45:27	Name: __cf_bm Value: MvsfkKuHAFEZCakCP60xdZBwk3l2M7jk.xQlVpQRTF4-1680325961-0-ASExkUwgzy5pwnIArK2g/GKUVmDw0EKBc5ajG0Ap9RYzXtQ14/wKflENDVv1SyOBZpP//R5fplpeVK7ePUYEg/E=
.reurl.cc/	1970-01-20 10:45:29	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 12:55:01	Name: _fbp Value: fb.1.1680325961604.1412548290
.reurl.cc/	1970-01-20 10:46:52	Name: _ht_a546ca Value: 1
.hinet.net/	1970-01-20 20:21:25	Name: uuid Value: 608209f0-4c1f-4fe7-9267-79c1c21f8079
.reurl.cc/	1970-01-20 20:07:01	Name: __gads Value: ID=4bf9823df80ec08b-225f9a72e7dc0071:T=1680325961:RT=1680325961:S=ALNI_MZbMDM2kYz8_iYoORk-iGGzJe8z3Q
.reurl.cc/	1970-01-20 20:07:01	Name: __gpi Value: UID=00000a3af167662b:T=1680325961:RT=1680325961:S=ALNI_MbMKwgxJrvNgTu46ddPY8Qitl5lCA
reurl.cc/	1970-01-20 11:28:37	Name: CFFPCKUUID Value: 5284-sdAgAdjE34l87tjqGD0WfowoCXUd9gsh
.reurl.cc/	1970-01-20 11:28:37	Name: CFFPCKUUIDMAIN Value: 7626-Ufd9K6iubrTM0AxHJ1YZTjd2WZxicvXR
.reurl.cc/	1970-01-20 11:28:37	Name: FPUUID Value: 7626-7d97c3271b7356f2e1f78a2425449189700489fda2f40a275eafd70a89a606bf
.holmesmind.com/	1970-01-20 20:21:25	Name: P Value: 936315-8wFM3ob86NNoKtdWCoFSFF5cOypYVzSe
.holmesmind.com/	1970-01-20 11:06:33	Name: Vision Value: 20230401-23:59,20230401-16,20230401-16,20230401-23:59
.holmesmind.com/	1970-01-20 11:06:33	Name: C Value: null
.holmesmind.com/	1970-01-20 13:10:23	Name: RK Value: null
.reurl.cc/	1970-01-20 10:46:52	Name: _ht_hi Value: 1
.reurl.cc/	1970-01-20 19:31:01	Name: __htid Value: 608209f0-4c1f-4fe7-9267-79c1c21f8079
.c.appier.net/	1970-01-20 19:32:28	Name: _auid Value: W-Rnlq8aBvWIUYPQS70nZA
.doubleclick.net/	1970-01-20 20:21:25	Name: IDE Value: AHWqTUlRL1yMD4ajgWmDOB0gNReEgOHmIRdYlorqPoaq1fdXWeIDOoeH_wwcLrejZWk
.holmesmind.com/	1970-01-20 11:06:33	Name: R Value: null
.holmesmind.com/	1970-01-20 13:10:23	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 20:21:25	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17c52f98-3b68-4d0a-89a5-c08001f24eed.t.ssp.hinet.net
4715d7a5ce1e943f7da2ef0322d21961.safeframe.googlesyndication.com
608209f0-4c1f-4fe7-9267-79c1c21f8079.t.ssp.hinet.net
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
adservice.google.com.au
bidder.criteo.com
c.holmesmind.com
c31505d756ab380a71150d2421f18107.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
external-syd2-1.xx.fbcdn.net
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
m.holmesmind.com
mma.prnasia.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
reurl.cc
scontent-syd2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.rayskyinvest.com
cdn.ampproject.org
external-syd2-1.xx.fbcdn.net
fcm.holmesmind.com
fonts.gstatic.com
pagead2.googlesyndication.com
scontent-syd2-1.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.16.252.4
104.16.87.20
104.17.24.14
13.227.254.48
138.199.46.68
142.250.4.156
142.251.10.147
142.251.12.132
142.251.12.157
142.251.12.94
157.240.13.35
157.240.235.1
157.240.8.23
172.104.45.159
172.217.194.155
172.217.194.157
172.217.194.97
172.253.118.95
172.67.150.31
172.67.178.125
18.155.68.87
182.161.73.129
182.161.73.145
192.0.77.2
192.0.78.135
203.75.214.136
210.59.219.181
34.102.176.152
34.149.120.3
34.149.98.30
34.95.67.231
34.96.119.68
35.185.130.121
35.185.136.122
35.201.76.93
35.227.249.156
35.244.196.223
52.194.43.130
54.178.144.59
74.125.130.132
74.125.130.154
74.125.130.94
74.125.200.156
74.125.200.94
74.125.24.138
74.125.68.132
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809
03e8ad03b544f04661b5c5d7608552a26d56e30968072f81ab1b58b05c5e742a
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
062846e8d28e4b414ed35cb7885ff381f020faafaa66fd379cf9191566f81827
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0bf3b8bf5d162d75b078317a20d10ab6c4b9ba1b9d5347cb367d0cc28d1ef264
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
112a2742c1310aa69aeb3df0e402ea27ac342ce3c8db1d3850f53918af88fc5e
1380c84741adda7370ca6a12cdf5b945c5d09c3fdb22bb72de2140b1f1e69aa9
1428e1bc09838ba1f051526c85ed869c50c04902807843084717a21cf830132e
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
19edd78ac137bab5143b6fce3d57467c5905674e29ae53e2d74b920e93cdfdef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1f75b6ee6e9bd2f4f0e4c5221d955dede1229eae2c137ad283fccc4918cc5bac
20b9f77fb50c9a36b849adb3ff16036ae5cf0dc972ed7861a122de20d8b08487
23da6bca460f1bd205972b4ba6110fb6c31e2731b41cf59cdf756a629dd19903
25e87120f92b394d95c7890efffe9951c0f3afefd6144d2d65f98561d288c6ea
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28262860c6d2ac87b966e50a39e624aee4b80527e4de39aa81e617b57fe0aa46
291ce914cec30326938e8ac7c3dfd589fd4b43aaabc4f3e9e0ca080451e5d8fc
2e239a7ef6b367100ceb17647f6057f4b9db339e29e8e0778151df9ca5e07e15
2f6c4eef1c3efc8673cf409110ca75fe96ad43a3d4a7fa049a41872b30186c38
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
30c1a1f1fc5c307021602584a7bfe5af655580484516b0f0bac662a2974ba8b7
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
364575d8b287caeedb0bd9784c09be7197546e19536803bffa3d53cc47b2d03f
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36852a83c051c63be0effce8c3d1cf9d2c9af7fde62fa4e6a544848abbb7d0fd
38bf6598faa4b9c7c37f9e8005ea21f722b9517fbbe2b0689f9ca00ad309d47c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4017c8e6cb5b33e0d5426a26acc7b6a143ab5604bfb40790b6f5f44972882110
40d0de6c923c31f8df453337e0539edfc00a4a4a02ca8fcd84282ce328a76e92
41b93f51026119be7600223167a1d83b512e40ff2a76e5005e9a25f9b38f2d07
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
455adbe6cc44d26a290239ed14278ad2de68c2773725e5796f37e84aa9d12301
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4883c68c0f9c35d5c627c1c8e809b25d40dce3b0af37ac346c6587e8cd69920d
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4db0e1f96890dfbbbfd8f552577cac8d05ad77a021d1b7a2d14da1e0ff02ee9a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
507766029743850514f4dca1fca869a989d78a2d5b4b529f6ac27e540d6c9d6b
5274d8f4dbd155adc7ab1035ca15e55b18cc4ff946ac3134c8fb0aea6f81262d
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53df1526fdc2b4f441555de54276736c9e11bca04fefa66d67a1c6185fcb24d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57c887edbe15917d7b202e67eca64ec45cc5bbd2c3e3e048293bb7b2c8c7353b
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
585342b8b59bca46bc11cc2326c1c705774fcbfb6f7f559fbc3c380dd1c0c155
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7
5e137b703d3b95300c7e6e02ecd911eb480291a018794e40d0e5443dbd23e6a6
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ae2c43f2d4b20be42141922a5a9d1ab80c2303a35f56b81eadf5af64f2c94a
706bc00dab6e0c9be8775266f9ed7cc2e60b239f757eb80039f052ca34acc7d6
741ff11da7ecc7af5f555ef8eb13bb520f9a3069ac1b4f45347770cd39f0ed7f
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7ef0b9c1b9c093c44236e49464706283a2e23346ea87edb2fa28e6ef2012137e
7f05353baa3e2dfc0ef79f7482ac4cd6e8af100ac91d9e4f99acb7d481836d2d
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
81fe88c32c463440c159b3411c5aa3dca223647b1a59a82ad63a0548526946c0
827f7bf182a3494943ece65a35c8267677935e0e35dabe002974ef5c7730873c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3
87bae036cec691ad5dae2492440a08fe7eb4efbea0999e1e0d04f31b09218afa
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
8808e8c9dd41367071faeb8cc8ec77c25df64c76f9397bcda49d75bea39d9ef9
899ee5affa25e4ac40a35355a1ad8098b1f52a1023c37752bb0cfd18f51222ee
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95cebae126b596b85b7633805c98d6be3b0ccc8558b8a0c0cdcd3a0fef0c6917
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
973c1c3635e44bf3bfe4fe4d5acbd83f571d5dbcb80046d161e1ca19963282dc
9899b870f85d5de6a82cb2d7b70afea5248f6854ee20ccdd2aab5a34c15d2a6a
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63192a898c467f93de06f79c64eabd79b4b26fe8b8f7bb14dfee19d0a5a8f3f
a66ba6dda43ebd256dfc3de9235b98ec5b0c5e1274868d3d38f333679bb2ef18
a78bd4eebe3bf86745ee9faff5d5927cd9fca6f69b074e586b66fba4df1d5684
a794fbaadb2023fbd4b9627c15e5dd46cbfd88d6b889afa79bfac018c1af9d7b
a79ad475bdce90530467569d41f8319aea76030c5a4a52b30da61e2cd1d4d95a
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa110663d6600fd847987ed2d5046deea4e65e27183e20c76a12d56206c86a57
adaac4596a1bdebf9f7b1d43eceef666c69f9f2c99306639e63949fb2ad487cf
adfdffd27a3849c62169200dc83c9d8e535613e960adf14566f65ab109d9678b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b081359c6ae16e5b951869b78fd34165c020a807caaf12df15736decb8773b36
b1276adca00b19d123d3829d7657445758c774ef42342e8184e844c691af0ef7
b13cf50d039aa8a07ee03865eb8d18b5d9a026126454714d7934ecbc444effd9
b2030569339b862f00a936d97af228b1bc2500d7f7162abc23be7d8acc710482
b4210e08bd690da4fc764928b6750d37bd6110f3aaee764058a960a44760ad60
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c2cf5c25d11c6ec293d0208f89d3a9ae98afdbaece2d151c8db460f81f6d1629
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cb71d4020387c1cb7d70bc49ae11783f47a1bf619bb60ddf93855ba73378e68f
cbe3f8abaa9c986c3f25d246fea53f686a6086d15cc12cb2ac5e6c1e2940e436
cc0d49dfd20b6ece5010cdd54bdefad3fe2df62828dc6c579cbaf5a4e63a9fe0
cf658e5812fe693304264a1b126dc3e36f9ee7f849afbf560508074166c4c5d2
d2429dfbe741449bf01449b46bbf212b18f464038995e771ca9a4bb1e0925610
d352378469bf1a7557278d791064f7dfa7d9b39e7762b0344fca2028cb8b098b
d422135203d1e49c401349c8dc9372dfa93398de8c8aa0b191cb202871b05ce7
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d685304b9378321ae50ae48e05f5a9e6c24bc29e9d410bef18b581aa07159391
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
de0f76c32a759f08ed51bd8d1d9a13a3df2174d3a6e3e2cb8959978c12e8fbdc
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e20ca598957caa203fcfe3739b93ff3c000bcacd662eb20c120c24bc52abeaa2
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a19c48cde63c5e0f603328e87fc67b2289b9157120b26fcf52fccf1793ab2e
e6308b7ee169eb29791819a3e85f47fc7517fa45afa6d031b147a0d5bae2b25e
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ed4a43e0f2d9c8c6f9f81f98134586752936ce086697ae39d5ff849df237ca75
ee49cb23b0d017ee581357ad7e62cd125a41509c1c0d1543d731f48c6022e66d
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8
f5a955b844dcf924eada41dc4914ff2ed7b5d503380f45b216f6b7ca43aa2e85
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fc9595ee8439c5d2990126d60c5587c1120741b96a168e278e6d47defccea5fa
fdbd7d1b7a9ab3237ec3d3096ddfd6e57246c21290abad11b4cd5696582074c6
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

87 %HTTPS

0 %IPv6

32 Domains

54 Subdomains

45 IPs

6 Countries

4018 kBTransfer

8831 kBSize

29 Cookies

23 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

87 %
HTTPS

0 %
IPv6

32
Domains

54
Subdomains

45
IPs

6
Countries

4018 kB
Transfer

8831 kB
Size

29
Cookies

258 HTTP transactions
5 data transactions