reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gvjOLp?co=muj3e
Submission: On April 15 via api (April 15th 2023, 3:07:08 am UTC) from CA — Scanned from CA

Summary HTTP 366 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 61 IPs in 5 countries across 39 domains to perform 366 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 253294.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
25	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
27	52.85.61.110 52.85.61.110	16509 (AMAZON-02) (AMAZON-02)
38	2600:9000:24f... 2600:9000:24f0:3800:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
31	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::71	15169 (GOOGLE) (GOOGLE)
5	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	52.69.218.118 52.69.218.118	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00e:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	52.194.43.130 52.194.43.130	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2600:9000:251... 2600:9000:2512:6000:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6815:6009	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.36.179 34.149.36.179	15169 (GOOGLE) (GOOGLE)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:fd04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:43a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.185.136.122 35.185.136.122	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
9	18.179.127.135 18.179.127.135	16509 (AMAZON-02) (AMAZON-02)
7	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2 9	2607:f8b0:400... 2607:f8b0:4004:c1b::69	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
4 6	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
10	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
6	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
7 14	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
7 7	172.105.235.90 172.105.235.90	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 8	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
15	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
6 13	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
8 10	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
8	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2 2	72.247.65.83 72.247.65.83	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.3.115.102 23.3.115.102	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
27	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
7 12	69.173.151.100 69.173.151.100	() ()
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	() ()
1 2	142.251.167.149 142.251.167.149	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c06::95	() ()
1 1	69.173.158.64 69.173.158.64	() ()
1	23.193.121.161 23.193.121.161	() ()
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:104e:317f:d99a:8776	() ()
2 3	52.46.143.56 52.46.143.56	() ()
2 3	52.94.223.37 52.94.223.37	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 2	35.71.131.137 35.71.131.137	() ()
2	2606:4700:20:... 2606:4700:20::ac43:47fe	() ()
366	61

6 35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.85.61.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-110.ewr53.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2600:9000:24f0:3800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 210.59.219.180 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-180.hinet-ip.hinet.net

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.69.218.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

referer-log.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)

scontent-yyz1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.194.43.130 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2512:6000:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.36.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.36.149.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fd04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:43a6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.179.127.135 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1b::69 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.203.13 (Fort Scott, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-181.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.190.36.98 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.105.235.90 (Tokyo, Japan) 7 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 210.59.219.175 (Taichung, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-175.hinet-ip.hinet.net

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:100:a001::c (United States) 6 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.65.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.65.83 (New York, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.3.115.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-115-102.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:80b::2001 (New York, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.151.100 (None, ) 7 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.149 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::95 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (None, ) 1 redirects

ASN- ()

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.193.121.161 (None, )

ASN- ()

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:104e:317f:d99a:8776 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:47fe (None, )

ASN- ()

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 139273 referer-log.holmesmind.com — Cisco Umbrella Rank: 253838 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 150059 fcm.holmesmind.com — Cisco Umbrella Rank: 171189 c.holmesmind.com — Cisco Umbrella Rank: 113989 adcdn.holmesmind.com — Cisco Umbrella Rank: 161293 ad.holmesmind.com — Cisco Umbrella Rank: 104458 m.holmesmind.com — Cisco Umbrella Rank: 282647	374 KB
46	scupio.com 2 redirects img.scupio.com — Cisco Umbrella Rank: 84859 bw.scupio.com — Cisco Umbrella Rank: 162560 prebid.scupio.com — Cisco Umbrella Rank: 75801 rec.scupio.com — Cisco Umbrella Rank: 131485	558 KB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com Failed df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 138 ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com	297 KB
31	criteo.com 6 redirects bidder.criteo.com — Cisco Umbrella Rank: 737 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2685	40 KB
30	doubleclick.net 9 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 220 googleads.g.doubleclick.net ad.doubleclick.net	498 KB
30	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 805 scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 12044	558 KB
25	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 80376 b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net 9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net	25 KB
21	appier.net 14 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 46958 gocm.c.appier.net — Cisco Umbrella Rank: 2302	4 KB
19	rubiconproject.com 10 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1064 eus.rubiconproject.com — Cisco Umbrella Rank: 575 token.rubiconproject.com pixel-apac.rubiconproject.com pixel.rubiconproject.com	30 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	327 KB
12	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	3 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	230 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	28 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	4 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 20206	1 KB
6	aralego.com 4 redirects hb.aralego.com — Cisco Umbrella Rank: 29774 sync.aralego.com — Cisco Umbrella Rank: 3307	2 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 253294	6 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 323 fonts.googleapis.com — Cisco Umbrella Rank: 39	135 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8550 adservice.google.ca — Cisco Umbrella Rank: 13840	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	91 KB
2	aralego.net cdn.aralego.net	1008 B
2	adsrvr.org 2 redirects match.adsrvr.org	919 B
2	re-news.tw storage.re-news.tw re-news.tw	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 358	58 KB
1	linkedin.com px.ads.linkedin.com	516 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	619 B
1	moatads.com z.moatads.com	283 B
1	2mdn.net s0.2mdn.net	63 KB
1	gstatic.com fonts.gstatic.com	30 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3274	488 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5036	331 KB
1	racingcharger.tw img.racingcharger.tw	114 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 582643	17 KB
1	creditcards.com.tw creditcards.com.tw	56 KB
1	rayskyinvest.com www.rayskyinvest.com	274 KB
1	gbyhn.com.tw img.gbyhn.com.tw	129 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 122586	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	80 KB
366	39

	Domain	Requested by
38	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
28	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
27	img.scupio.com	reurl.cc img.scupio.com rec.scupio.com ajax.googleapis.com
25	tpc.googlesyndication.com	reurl.cc securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net cdn.ampproject.org
21	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net reurl.cc tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net
14	ad2.apx.appier.net	7 redirects reurl.cc
13	gum.criteo.com	6 redirects static.criteo.net
10	cm.g.doubleclick.net	8 redirects eus.rubiconproject.com
10	bidder.criteo.com	img.scupio.com static.criteo.net
9	www.google.com	2 redirects reurl.cc tpc.googlesyndication.com
9	ad.holmesmind.com	cdn.holmesmind.com img.scupio.com reurl.cc
8	mug.criteo.com	reurl.cc
8	rec.scupio.com	2 redirects img.scupio.com ajax.googleapis.com
7	gocm.c.appier.net	7 redirects
7	static.criteo.net	cdn.holmesmind.com img.scupio.com static.criteo.net
7	www.facebook.com	reurl.cc static.xx.fbcdn.net img.scupio.com
6	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
6	token.rubiconproject.com	4 redirects eus.rubiconproject.com
6	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
6	prebid-asia.creativecdn.com	img.scupio.com cdn.holmesmind.com
6	reurl.cc	reurl.cc
5	adcdn.holmesmind.com	cdn.holmesmind.com
5	c.holmesmind.com	1 redirects cdn.holmesmind.com reurl.cc
5	bw.scupio.com	img.scupio.com ajax.googleapis.com eus.rubiconproject.com
4	sync.aralego.com	4 redirects
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
4	ajax.googleapis.com	img.scupio.com rec.scupio.com
4	www.google-analytics.com	reurl.cc www.google-analytics.com www.googletagmanager.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.ca	securepubads.g.doubleclick.net
3	b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net
3	connect.facebook.net	reurl.cc connect.facebook.net
2	cdn.aralego.net	reurl.cc
2	match.adsrvr.org	2 redirects
2	ad.doubleclick.net	1 redirects reurl.cc
2	googleads.g.doubleclick.net	reurl.cc
2	secure-assets.rubiconproject.com	2 redirects
2	hb.aralego.com	img.scupio.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	scontent-yyz1-1.xx.fbcdn.net	www.facebook.com
2	referer-log.holmesmind.com	cdn.holmesmind.com
2	cdn.jsdelivr.net	reurl.cc
1	ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	z.moatads.com	ad.doubleclick.net
1	pixel-apac.rubiconproject.com	1 redirects
1	s0.2mdn.net	img.scupio.com
1	9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net	reurl.cc
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	m.holmesmind.com	cdn.holmesmind.com
1	www.google.ca	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	i0.wp.com	reurl.cc
1	re-news.tw	reurl.cc
1	static.wixstatic.com	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	storage.re-news.tw	reurl.cc
1	ad.sitemaji.com	reurl.cc
1	www.googletagmanager.com	reurl.cc
0	d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
366	73

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
feebee.com.tw R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-22` - `2023-04-22`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gbyhn.com.tw GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
tls.automattic.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-06` - `2023-08-06`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
re-news.tw R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh

This page contains 48 frames:

Primary Page: https://reurl.cc/gvjOLp?co=muj3e
Frame ID: 25EC9A5DF382B93F9C706D30AF580C56
Requests: 43 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 1CB00B8EAC18B44516AF37E330E489B0
Requests: 38 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: A7E817814EBC7778AFDC2B94C764A6FE
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 31754210DFAFCB685C88D98875D5AB8A
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 80088BA2C6B86F2D89C4A3A770420723
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: FB723C47F2B9C8FA20B5B07C83DDF5FD
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0B1D57BDAD9212F5DB676A7882B6C393
Requests: 26 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: AF2674E5E26FDF2234C579E035B6C098
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: A8B30D0EB3A3FC48475B43F8AA86024A
Requests: 21 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: BDC900FECB18D3509380531E721B7E6C
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 13BF6C0FC126C425AA1B4B6C06F991A0
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 4B61762525892C2090FCD016CF6BAF32
Requests: 8 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 05B30F23F5CF00678E458202BF7604D7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DEFD3A98F4C89BFFDAB3AD3AD9568323
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1C9C0030D4F419E01FC0FED8DF10C0BF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 523BB0DCC1434FFA4597B000C0A4F08E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Frame ID: A35291B9823C1A51B1EE90D6FF27E9B1
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 6D1248113660C8BB67002729F787EE72
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 9E253D0CD24615B0E62016E6729D9313
Requests: 2 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 570871A5DE637D4CDDCF70EA5A2839BE
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 666D6F141499836C2D26AF61C1BAEC8B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: BDBB088F96810BA2CBBAAD6E35165C82
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: CA5E16C6EBAB38640B137BF0F7F2C4FC
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
Frame ID: 601A64145D548A6C6C29EB6F13E714E9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: CF5D06BE7D45C1FA938938C0904DE9D2
Requests: 12 HTTP requests in this frame

Frame: https://d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: F8D30AA7FF42CE44FCA395DF2BD6D65E
Requests: 1 HTTP requests in this frame

Frame: https://df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6E84A77E53BFF994D1A0B29E135DDF36
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: CECD2EF7F143C38B62919EF5A07451ED
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
Frame ID: 09A01F60EE35D8329B83EAC124E531D1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 991EA50892832EA8B25114CC160A9E52
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: E98BF8B147591F764A58C72C87F6CD2A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6DA66012926926B124CD71DCA8C3F0D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 242CC8E61A55C780F7184FF235BE245C
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 8D717C09494C2182F7E0DCD3851CF8A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6C9C60CF2B880129FD14C695AE27B56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E9A95736315FE0BD54D716396116951
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 0132F1D713C0887626286BAB97E72FED
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Frame ID: 03FC5CAD34F34DFD996520F5AA734F7C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B3CCFF6595B45546275F6695153A031A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: C0BEB66417198183001B8E3C7071CA94
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22D80255F7E1DE2152E659AAF0B307C2
Requests: 3 HTTP requests in this frame

Frame: https://ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: B54AFCB55737128553E081C1D922D390
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 884BC00D40D3C54E37CB3A5850DC37F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66CECE1A8FFFAE4079728093822AC9C4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs
Frame ID: BB9EF5EA83AF9EED8C70645414399F8D
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 75ABF4B352C318C966F734EDB7CD68B2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 8AEEFA34856AC4DEDF65ED5F16EB771F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 028EDE54013DC88A41F57AF3B6C28B56
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Send Money, Pay Online or Set Up a Merchant Account - PayPal

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

366
Requests

89 %
HTTPS

48 %
IPv6

39
Domains

73
Subdomains

61
IPs

5
Countries

4891 kB
Transfer

10834 kB
Size

44
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: Exit

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/48153

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/99446

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/292631

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4066729_XG66729_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/38375

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/643372f4ae3afc3372568f7b

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/25257

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: Emoji

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: Geo IP

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: Big5/GB Converter

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QR Code

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: Length Converter

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: Taiwan Stock

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: Word Counter

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: Password Generator

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: Date Calculator

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: Lunar Calendar

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM tool

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 121

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=BxerxQkhC867ZIct1xQ6ZA

Request Chain 122

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SpYKSvzUCeGAgCdi1xQ6ZA

Request Chain 123

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=7JM6-600CMeZDrv51xQ6ZA

Request Chain 126

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=SXbyoSEHDh691qja1xQ6ZA

Request Chain 127

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

Request Chain 162

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 168

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_gid=CAESELFMNCyWefIVeIcCumZhyp0&google_cver=1

Request Chain 207

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zi47xXwyeWQzZW1ISTFhMTA2YkpYZ2dxY0VmTzFVc3N5S0RJTEpWenpUOUpVbCtxTGVMeEo5QTluUmt3UERTeHBTRFR6L2d0UG12Tnh4L21IRURZcXA1RHpmU3IxMmM5UjErUFRpeUVlM1JnajB1VFJWL2RzZnNwSDhHODByQWJ0cmVJUHdLT3JhZHQ2MVRlaCs2NnY3VDg3eFRCcFpwdkZWWmRBVkJwR3lUV0NoWlFaaCsvQ0ZxMndaOExPNWlaYXVsOTM0aThYZDBpdEhiNGFTbFBDZTRVdHJaL3MyNk51QjBEcFljVzdNUGp4cno5dnprVkY2RStjK2VpQU9WRzl4T3Q1WExRS3Rlbmp3VlZSS2lYalRJaWdYUT09fA&cppv=2

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMzA0MTUxMTA3MDQ5MzM2MzA%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0

Request Chain 210

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 212

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20230415110704933630 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802

Request Chain 213

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=x7e7enxoNldnWW0wV1FOcnBGSWZzT05ZSUxSNU1weXlqazZiUHpoblI1bjBFUm1SRkF3akt3ZUpkam55Z2NUVDU1YkxUTmdHSTlJSExIbFF1eHhxT3NyT0FsakI0cVl1TEV4WXIrdlo2SWN6Qkl6enJMZCsycExmbGRyakliNjNvbGVrWTZuUkxteUpjY2J6OWlTQWJqTTB0dWFZUjQ4WUJwZmxsbEtsTURZWEprVVNlOVFWWklEekoyZUJXUWsyTEFSVXNzWGgvemhWajVUT1EwZUxVOXBRcWhoZjFwU29UWXNMNkxZR3FHVkF4cHZtN2w0eTE4cSswc2U1U1M3b3pqbnpQWFBVZ1dDTkcxN2wvUkgxcWJ4Zy9kWUNVZjhxWDFIS3g0cGt1aDhBalc1dz18&cppv=2

Request Chain 216

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

Request Chain 217

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMzA0MTUxMTA3MDQ3MTk2NTg%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0

Request Chain 233

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 235

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20230415110704719658 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802

Request Chain 266

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 272

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNqXioX0qv4CFUW2swod7cMBlQ;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 282

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=LGHEDC9E-1I-IUGE HTTP 302
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=LGHEDC9E-1I-IUGE

Request Chain 289

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JmmsEilDN4Cxj2lgzLYuPMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V6sN2dtE2oJcZ4BJUWLpzP_l29ftp7GZUU8M_A--~A

Request Chain 290

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SgNG4d4eQ9i-MhTel20wow&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SgNG4d4eQ9i-MhTel20wow

Request Chain 291

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdIRURDOUUtMUktSVVHRQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP3qDXaYEfNlEUf8LeXN9DA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIRURDOUUtMUktSVVHRQ==&google_push=

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJQZtTr-z15nAnwS0OSEqm0&google_cver=1

Request Chain 304

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TVlh7zpVSMmeu43Tfokxxg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TVlh7zpVSMmeu43Tfokxxg

Request Chain 305

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHEDC9E-1I-IUGE

Request Chain 306

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e0155521-d663-465d-a8fc-68f85070a386&gdpr=0&gdpr_consent=&expires=30

Request Chain 307

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczN2E5ZmNlYWZhYWJjZTNhMmMzYWUxYTAxNTQ3NzJmYmI4MzBjZA

Request Chain 314

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 331

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gLKSOnxCTXptOXFzL1g2RkxHL3prOXgzRmtaa2lXanRxWUQ3MnVNQkxrNUl1aU5JZUNaR2ozTWsydzVXa1JWSDgwOTNEUjE5UDNmdkhwQ0VLdHc5UU4xRXBCU3pZeDRaMHdNWnIwS3l2ZEdqTWVCNXovMU9pdmRzZTY0bE9hMng2SGxzU3c3STl1WkdLOEJoM3JpMnlGM01adWlVN2FzcTcwUWFsSUkzUlE1YkxsdjRRcndoM0J2ajlYVmRyeGwrRHNNM1l2UVZUQmxQN1o4KzV5cE9iV0FPdFFRQWN0cGcwa2h6Yk9UZkFERXNwemYyM2FrbHk0UmlVOGxQOUlBQXNqZUd2MEN2VHNjK2o1ZWFCYXdTaFNwTUxtTkN4bnJYQm9xR1hiTHkxSUUwZW8rND18&cppv=2

Request Chain 333

https://sync.aralego.com/idSync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NmY4MmY1OWUtMzk2Ny0zNDEzLWFiMTItNGY0ZTI5ZmVkODAy&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 338

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=2STdZXx5TE0xZDRGZnlDNlp0TzRBQXVBYjN6ZHJ3R1djTWdCOWhaaTloQ2lMbG5ycjRtL3FKcVlCU3d2M3ZMTWtPcWFWdTVlZDgwRXpZY2xJOFBKSUNlK0l5VFZTcm5tZVBMMGZjdnl4L25VeHhKejFycFp1eWZoQUlOOVBrTlViSnNZNnhTcEwyclh0MWhNZDlCbklCTG9RVUh1RTJnb2xLN1YzZm1veGxLRm5jZUY2dXVDMTgzS2tjV3RtN29GUkZwUFB4cHlNNUZab2tVOGdieEY3cC9ZeUkxYlRiNUxUYVdGS3J3SWVLNG54NEZwZkJYNFRqcDFzRW1GM0I1eHo4ZUNzOEJHZWt6YlZJbWRIZTdmd2I2Nm1jNVQySFptNXE1dkx6SUxHVlNsRHNHdz18&cppv=2

Request Chain 340

https://sync.aralego.com/idSync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NmY4MmY1OWUtMzk2Ny0zNDEzLWFiMTItNGY0ZTI5ZmVkODAy&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 365

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9dfnt3wyanBmenhvQy92NjROcWR2NUhNQ2NSZTJ3UEZQdlEwRWNBWDNDSHdCbG5Ucy9HQXp0c0pUaEwrTG5XMW5WOThPZUVTOWtUVFY3QUJmNVJyVDA5R2t0VGQ0NXJQQUNwYTZHNGRMQ1IvSTBpOFN1TkVob0hWNGloRC84MjhhOUQvbUEyd0YyVTBPUUN6ajdOSDExN2RRalUvV0xFU3R5ZTdpZFJEeTZ1THU0Q1VCdC9nYnRxdlNSaVFqcDk3TFlsRWRhejVQdWNaZmNiZHRlbFVUS3dTb3RrS1IxOWJSV2FpN2pyZEV6cDVzMzVHSmRaUnZUTVRydUlUdXR5MVBLTG9tL3g1ckNnWE12ZmxlaUE0bll2akdIdz09fA&cppv=2

Request Chain 368

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=GwDuzF9HSDZuUkZkSkdPYnpRMDZaWjU0M1FLTEJXd0NFZzlsJTJCaFpqQkJ0UkFLQXclMkJmOWJKSm15cmV1NWRRcUswMGtVcVElMkZKQ0RLTVI5N0lHcnZEMEdrTk5EYTRmN0JuQktkY3FJVFY3Rlc4WEk0UHF1RXNjRFFpNW93TUxhUkdGYXZHNVlHQXVDeEduSjNXMkslMkZHTVRjUnRnZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=LJPLuXxwNGdhK250TWpzM3oxelF3ZzhmekVkTUVGVmxtTUpPUGx2cTRCU3g5b25WVDBOVDMvOHlLU1UxWlNYYWFlcUhCdUVaV1JjT0p1NTdNQnEvdHUyeWhYOWpkYmhUZWRxK3NkUnR1NkhzR1g0UnZoOEp6ZldTaWdGZjdLRmlJZGR5Uno5RHExcm9HU3lvbGlNdUZEaGpnSmJmTHYyZmIvcks0NWFXTm40dWYyYkRsWXRwMVpzVG1xZit1YkptYmlmSXlSRVQyM1V0RTRiRTU4bklabGYxeDBrdkFuYTF1aTVKMHFlL3B2d2I3eW9zSFlJSEtQT0RqbTJORDloVFozeDVOK1YxR1BxMDd0V2dWbC9ZcTkrb2xkQT09fA&cppv=2

Request Chain 369

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=GwDuzF9HSDZuUkZkSkdPYnpRMDZaWjU0M1FLTEJXd0NFZzlsJTJCaFpqQkJ0UkFLQXclMkJmOWJKSm15cmV1NWRRcUswMGtVcVElMkZKQ0RLTVI5N0lHcnZEMEdrTk5EYTRmN0JuQktkY3FJVFY3Rlc4WEk0UHF1RXNjRFFpNW93TUxhUkdGYXZHNVlHQXVDeEduSjNXMkslMkZHTVRjUnRnZyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9wsaM3xKVWVCL3dmak52Snk2ZHllM1A0T3k4dlBORmVLVC8rck1mVWYyZ0JkS0pCbVVFNkRsYWZwMFlveVBsWGNRbzFQcWtjeGF4WE5PWkRIVW9NRGpQZ2sxMkJXUVl1ejhhOGNFcURrZ1Zob0xwcmZ0VGt4Y1dsRlhaeUtWdEtsUUdlQ2ZBUUliR1hoNTg2bmVNSXpEWkFLYW9XN2c5ekk2ZDJVK0tYTHA5ZmxjMi9ycVpmT1Q2NCtCUlRhMmNTU2QySS9WT0Y5VGh1NERKbFVubzZ1NU1HZldTMnJmNzc4MCtuZWdTeHgzWVhWUmRGdTR1SlRuNzhOWjdMQVZ1T2c0Qm5JMy85MFRlb21mYXZIUE05RzlOOWZjZz09fA&cppv=2

366 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gvjOLp Show response
reurl.cc/ 9 KB
3 KB 622ms
197ms Document
text/html 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa290c5bd698d78e1855a34a80955ab1ba962f08b452b7d65c01c12da0abe76a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 03:07:01 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://cya.nz/4Fgg
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
26 KB 49ms
13ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 03:07:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2642837
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-yul12830-YUL
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 198ms
195ms Stylesheet
text/css 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/gvjOLp?co=muj3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 03:07:01 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 198ms
197ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/gvjOLp?co=muj3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 03:07:01 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 619ms
202ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
80 KB 97ms
42ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cdaaac8c42822a2f9a477aa766f51927caf17b354cf808397b73f5d24c90115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Apr 2023 03:07:01 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 52ms
12ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:38:33 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 34108
etag: W/"5d0b4850-4488"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Sat, 15 Apr 2023 17:38:33 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
23 KB 98ms
21ms Script
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:05:18 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 01:19:47 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 104
etag: W/"641a57b3-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: vf5UpPNHYHHB1Ddx4zCHVOuuOCCUzfj9-adIFrKEcjL3KDY_tPKWuw==
expires: Sat, 15 Apr 2023 03:20:17 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 17 KB
18 KB 100ms
24ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DUhNY4EFxx.4ZxHOJWw5a1tFjsqena_.
date: Sat, 15 Apr 2023 03:06:20 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 48
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: -oaW-MWvIahzu9MBvUrvVVigxzCeJYz_nojYVKHqkeGobPe4oulkrw==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 48ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 15 Apr 2023 03:07:01 GMT
x-content-type-options: nosniff
content-encoding: br
age: 927191
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-eddf8230020-FRA, cache-yul12830-YUL
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 199ms
197ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/gvjOLp?co=muj3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 03:07:01 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 134 B
339 B 199ms
198ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/gvjOLp?co=muj3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 03:07:01 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 200ms
199ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/gvjOLp?co=muj3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 14 Apr 2024 03:07:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 74ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 03:07:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IC7LwM7AVSSV9FOqeotI7iYOQl+9mDryPg1aIHTPWqUyhyU4f1iso4tbQvhX/gDzE179b2poMpa6gimJyMpujg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 1CB0 96 KB
27 KB 165ms
113ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

697039e7a64e2e39ed080d5f0526af5314f9f1b81eda4b4b2a09dd94dcc33378

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:01 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hZ8uoVw4YAiOmO300XsVCUpMpNrN+9docX5+AWCyo72Ih+TnCFY3t+AGXsX0weqgIfoKuxExdJfuu5/13nGyLw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
8 KB 232ms
197ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 62997ef9963dd71a8147b9a5a1c24e66464a245bff2390b479b144a6fcc3b94a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1dd0-pApZyJdXChuyZr6MzsqnKsVVoVs"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7632

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
25ms Script
text/javascript 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 02:58:46 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 495
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 15 Apr 2023 04:58:46 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 03:07:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42315
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jRTFKAcPzR/V3INVm43/tTVomn4F6jHrYOk+rXx2mPyV5RTDff4UfIswQ+Fa8d1hToR2ZXiUWuREc3yt8EhAWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
870 B 57ms
19ms XHR
application/json 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e40fab19fb3fe7b54e20e095695aea442893df40ac66bfaa82e0453dbe66ea5d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:04:35 GMT
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 146
x-cache: Hit from cloudfront
content-length: 461
last-modified: Sat, 15 Apr 2023 02:20:47 GMT
server: nginx/1.12.1
etag: "643a09ff-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: A54qpOzyzBFRTmmb_cBrFPVTZrqf3313vov4gGOZfpjcrUnbZhcMgA==
expires: Sat, 15 Apr 2023 06:04:35 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1048ms
206ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.589454771044656
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame A7E8 83 KB
22 KB 21ms
19ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 930
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 02:51:45 GMT
etag: W/"641a5637-14dfe"
expires: Mon, 15 May 2023 02:51:31 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: ufdKMfK-JNAUA9xqzNwSEdYrbN3LHHL5sANQmCEp5PjeD31-XVCwlg==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
867 B 451ms
422ms XHR
application/json 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 06322fc8a6f8e63c959a7361f664450b4db0dbb9151f27a9e47f71c41e4871f6

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
last-modified: Sat, 15 Apr 2023 02:20:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
etag: "643a0a00-1cd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: GNOTVcaKCFY6mxoQDUAcnCakovbWxTRIEOMrHMj6uZF4TcGHikqwZw==
expires: Sat, 15 Apr 2023 06:07:02 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1056ms
209ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.8396802882192755
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:02 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 3175 83 KB
22 KB 22ms
21ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.67
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 930
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 02:51:45 GMT
etag: W/"641a5637-14dfe"
expires: Mon, 15 May 2023 02:51:31 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: mNyeqClsx3Vin6ScYQ6XJf-qtASL37SAgD13gyRrGpFQkywV95RRMA==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ 51 B
261 B 836ms
274ms Fetch
application/json 52.69.218.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13856&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.218.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 8008 7 KB
8 KB 30ms
29ms Document
text/html 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 7
content-length: 7381
content-type: text/html
date: Sat, 15 Apr 2023 03:07:01 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Thu, 13 Apr 2023 07:03:38 GMT
server: AmazonS3
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-id: fwh0oQnfrkUqDujfHvaW0VP2LGdG-xNGni4xIALUAMh38rD3CcNnHQ==
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: dx1zZGj7kM5P2QQxgaZZkMgXwhIKv6rf
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1 KB 20ms
19ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: NKk4DvuerUEJSZO2Q_zQvbJHzZhMaWpl
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 14
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: YU-Q7GZJaupxg1Ra1AvRPwRB4YLe6T5I5GfiAQA4vtvtAUFy0xpZWg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame FB72 15 KB
16 KB 31ms
31ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: 18FoHNzlJMvUZlmSULS-n3QStjMih5VPqfO_qDJqBhw4i89TvRVj3A==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 15 KB
16 KB 24ms
24ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: A5mxUnaNRTSJxyesoWx42MNp0uXwQI3FI2iNJRe2fRCINXJ9aO9GPg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame AF26 15 KB
16 KB 29ms
29ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: utKwZ0MktZKfB5Fvj9Ws9nkyLR0Lr4tB57Viwax99EVwHg2zSN7PaQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame A8B3 15 KB
16 KB 23ms
23ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: aUTUuxyuZmLvBjqHL2b-YF8pUjIfBUE8FKOyft5Awy6VWGQGebFI0g==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A7E8 95 KB
34 KB 81ms
26ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 19:29:34 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame A7E8 236 KB
83 KB 21ms
20ms Script
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:06:05 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 60
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: rS0brOKx307Y10UpVCpZgw4dZ8TKhNxB7EDaGUdCrj-8x34rV--luw==
expires: Mon, 15 May 2023 03:06:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 3175 95 KB
33 KB 97ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 19:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 19:29:34 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 3175 236 KB
83 KB 28ms
28ms Script
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:06:05 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 60
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: tsNodSWqSV1CparQ-IstN1IAUNv-g0p7tlPNvxkCR-N1mZxCtL4ssw==
expires: Mon, 15 May 2023 03:06:01 GMT

GET
H2 200 z7wmxKtIZsi.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 1CB0 20 KB
5 KB 72ms
22ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fbc87a75771407325342610ece2c80083d0b735dc7da625839fde08bcf66285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x3Wn+KCvITgs+5bNyICjZg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5108
x-fb-rlafr: 0
x-fb-debug: FLnvCaHgZHIHATMyrByO4Se5ON6oefxXYT1arrnXp69NsB7NuZXB5LBtnjV7MYoV/s0tHTHXIlZkBJ+A/aySwg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:50:59 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 1CB0 2 KB
1 KB 72ms
22ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: +iRqI2oUMazBmmeF1FBsbVxFBOcgimSg6R2vqnxkVIAG0Zsd4XSQTzMmBud7iCC1f143kWo3ibBJ5WwGoSfTXQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 20:50:27 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 1CB0 33 KB
7 KB 68ms
19ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: xLoXxDTloLZ3ZArpH4vzfaipRUidgkremNWww3AjyPW7DaxMvxOUhnBhyJzimAK/4eFWjZu9sBsA4RnHT1SFYg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 17:34:13 GMT

GET
H2 200 ktJzP47EwrW.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ Frame 1CB0 25 KB
6 KB 110ms
60ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ktJzP47EwrW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fe2f1e10ad7169b07a1fa35579e12df94c80710f138fe2ceea62d047d4da43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c/Lr/MUvwswpZDqzOqjszw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5632
x-fb-rlafr: 0
x-fb-debug: 3TI9C9a4JFaLqW1Ng7Hw0ogQPGgp+XCqJn+jTqcmSwqogSRBUg9o38laVLDZbjlAzCNdVy76herT4x9gjoo6xg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 06:03:28 GMT

GET
H2 200 PTAMAF8Hi8v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 1CB0 304 KB
80 KB 72ms
23ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad7d15812eaa6a06c1ba50fd4e12534afa72ef234e6263ddf5d633fe1ea7a9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +upM8hBNCoEzgKWYl/AzGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81667
x-fb-rlafr: 0
x-fb-debug: SJTsf+5qFde7/nDyvMfs6G31NFJlZBlee9yA4VVVr/CuyLQ9YT5SvPfTMaMimHQvwF6zlli3+tpm11pYEK0lQg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 02:30:43 GMT

GET
H2 200 TXms_HrZwKP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 1CB0 57 KB
18 KB 72ms
23ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/TXms_HrZwKP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5xeNXxWs1OEER8b29ktDpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17978
x-fb-rlafr: 0
x-fb-debug: 5W7FrBh9FIJkMR3nG57zQbsQNmH49CQNGIC820vIHoYupsp89uXvIWRwnZIdaXV+RhwIx7eevOQGgSd8OR6BrQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:15:26 GMT

GET
H2 200 tsYdVHJ-hR3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 1CB0 56 KB
18 KB 110ms
61ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/tsYdVHJ-hR3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

541aa8107ab5589ef7f8da4481836ffeef358d9dba7a3fad482d0bda1c7f9960

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHECju1lDa01xQE0qV9nA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17750
x-fb-rlafr: 0
x-fb-debug: bC5EbUQIlV/GXEFom5wI2Pa/duqlwDOJKEvwopFj4bxc3FnFUaf3OQFw9wY1oIp+qlEq7Jl7erLSh0PxURvhtA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 05:46:48 GMT

GET
H2 200 Pv0iK0zPy4O.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/ Frame 1CB0 76 KB
22 KB 110ms
62ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a3920a01c0dcd03e7617df96bcbd48fb4c6f9ef73ae02927bc9578b15918afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TfS0DiWXKuHxZdy16nO7fQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22446
x-fb-rlafr: 0
x-fb-debug: lxNFfp8Kzq2BH9RCHx3iBHQkdGPhSt0D1cp2pvmpn/BERp0190gfMxLSrRbwbxGlUVjCAL8eVFEgEC3OPrUOaA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:12:39 GMT

GET
H2 200 9gv42zM66FW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 1CB0 17 KB
6 KB 111ms
63ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/9gv42zM66FW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

693a43ba2993bd6945ee91c96cdc986d8db5db50dc67aa5c6c631164cb635333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7dm1CR+m7GVkOcKBuUrKJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5947
x-fb-rlafr: 0
x-fb-debug: 6RcJiLXW1VXNxhZN71N5lurmqdVfSLjSqlx9TZChbtph+Es6mH0i+MFatnI3t8iWhSnLh/YKzVSM+oosxKagbQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:15:26 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1CB0 507 B
486 B 111ms
63ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: P3eVJi2JRflDRneXdgoHYN9ZoXo4KVsN6F23rvOEUZh9Qubp1WOXiQzSZxdnh/koCI2dJ+mGyNsd+rXXc5H3Iw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 22:48:10 GMT

GET
H2 200 UCbKgtEtu7r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/y2/l/en_GB/ Frame 1CB0 206 KB
59 KB 113ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/y2/l/en_GB/UCbKgtEtu7r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: liTOG76UPKsMvH+tXJ+ruA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60087
x-fb-rlafr: 0
x-fb-debug: n1Jz9Cd0yia1P9WGEcz2EJGR0wbuiK1VuOKmmIuiOY4bCfEMgi3RiAFjPuPSNuZ+YwnYmLqlfmK2/I09wuxTQg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:40:54 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 1CB0 5 KB
2 KB 112ms
64ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: O1EvsGERMgNGapOZXELDdARejjuA0JMlfLJWFvVu4qDeUGOvf50a9mWrdUq6c1LZsWPLu61q+kVwDnX32bmwRQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 06:28:06 GMT

GET
H2 200 -YfYBc41JI7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 1CB0 25 KB
8 KB 110ms
62ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/-YfYBc41JI7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e95cae8d40d54a66307d061c442dd08b982292891e91a92be1cb21eec8a2d22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dWoEb7wLFR6Z3VHvF0fu4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8322
x-fb-rlafr: 0
x-fb-debug: Ytrvd710YsKuJIg+QtHugq/BE7uWofMf+AsN0zJJjSBU3hF2elYrbbmCVXlw5nye5jeNGiFqEUWFnZ/eFdi1FQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 15:24:41 GMT

GET
H2 200 mBu2BfVLkkb.js Show response
static.xx.fbcdn.net/rsrc.php/v3impS4/y0/l/en_GB/ Frame 1CB0 328 KB
77 KB 118ms
71ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3impS4/y0/l/en_GB/mBu2BfVLkkb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8fbc4d6db87655c070a74a1a787c657077a12214a8d85da2129cdc1a7bd5d7fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pRbQwVPcSQLQ/bTJlD1wuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78662
x-fb-rlafr: 0
x-fb-debug: PDEKmvuuM09svhTmjksN6mVEoflMMGXUssG2RyCXuepXLGDvOZpNQ5KJUDEOrSff+Sm7je5zQoNXqWyIMbp7Mg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:40:08 GMT

GET
H2 200 6c4xucucgO9.js Show response
static.xx.fbcdn.net/rsrc.php/v3i30-4/yG/l/en_GB/ Frame 1CB0 410 KB
96 KB 109ms
62ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i30-4/yG/l/en_GB/6c4xucucgO9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20b236770c01f9b8cd4ec9c927acb7f55e4fa559fd9b41a1b5c2bd9d39d7a277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dE+znXG0SvyMAg3QWA8TzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98559
x-fb-rlafr: 0
x-fb-debug: b591giqiTjdHGL7t/B1z9d941jfRhQ+DtsujWeEkP7qum+VSGAi7QiHp3v6Z4O9Y+MyenA27TFzHzo0+cbPOOg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 07:51:09 GMT

GET
H2 200 I91dQtKCqtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1CB0 4 KB
1 KB 112ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/I91dQtKCqtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2IYt6/c/e1MNqkQFb3wwdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1285
x-fb-rlafr: 0
x-fb-debug: hzcbvUeqtJqFGCwdR3uoq4BReIHt5E5azGHspw+iGgzLjvxp0k99H2DbiMjvmfmZ96RN4WSS1x69PzioRytGDw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:15:49 GMT

GET
H2 200 G_cSoAztzdC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 1CB0 27 KB
7 KB 112ms
65ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/G_cSoAztzdC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MzBmMfp4vjooX85fINNmZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7322
x-fb-rlafr: 0
x-fb-debug: KOYEgs6MJeqfnE2sjhGRSpoqc358b/nyThFOnEYG7ejVSmNUgnLQF3ZHBrKH6aLt6ZQ4iB0FOnJH76HGis6Ymw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Apr 2024 18:35:55 GMT

GET
H2 200 Mx73slMhfF2.js Show response
static.xx.fbcdn.net/rsrc.php/v3ibcU4/y_/l/en_GB/ Frame 1CB0 53 KB
16 KB 111ms
64ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/y_/l/en_GB/Mx73slMhfF2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be4783efeb04d9e88319ad016bb8e7044723c832fa5e87dd1c02029ec045d644

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Koqcw5i26jAdQVv8M3vsaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16262
x-fb-rlafr: 0
x-fb-debug: GVr0/yNgQb1FNQ022vo9TCom/DVlTtENg2E8IVuQFqzK9b9/hKi1ohHpwto11XSGzvS7RZAlO1Y+T27M7Y9DeA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:20:36 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 1CB0 2 KB
973 B 110ms
64ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: NE9oo21IGhzL5lkWMC7QDyisFJuFu0ODnV6is1txBwaYTs3km62Ie0CKAWhVzEP+pEYbGDmsGooi1Mcrgracwg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 05 Apr 2024 15:36:37 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 1CB0 55 KB
15 KB 110ms
63ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: UWzGx6t+75dSfHHOSESBXd8nh0Y0C+ULOhoFMh/c1VpUJiCvbeyO8KwtcM4LiP72qiGl9f33Wgaqex4bLVxXww==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 04 Apr 2024 19:27:27 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 1CB0 16 KB
17 KB 57ms
18ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=G4524WmMrN4AX8kN2-o&_nc_ht=scontent-yyz1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfD0O0YkebPfcKtNbh0yngqOGhtgorKOjIMYBKdGrppK7Q&oe=643F17C5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-haystack-needlechecksum: 1290236993
date: Sat, 15 Apr 2023 03:07:02 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 1CB0 1 KB
2 KB 51ms
17ms Image
image/jpeg 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=bt6Lld2MPBAAX_bouem&_nc_ht=scontent-yyz1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDGIaeKYWCwqYjKeGgN93nwC7aZpYfejmYCNA12WrOThQ&oe=643FD195
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Sat, 15 Apr 2023 03:07:02 GMT
x-fb-trip-id: 1512268381
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 15 Apr 2023 03:07:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sBPUVU04Yyc3pOSJZPkRQh5bDrsINPt6+COuF9FeWk4wtWuVGkkzj48GLw01yVbY8apXHFSekCI7cdqfx4s5dQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 38ms
32ms XHR
text/plain 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1177014739&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&ul=en-us&de=UTF-8&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1310666146&gjid=1268762503&cid=1916364193.1681528022&tid=UA-102456694-1&_gid=1570841255.1681528022&_r=1&_slc=1&z=1172093558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 25ms
25ms Image
image/gif 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1177014739&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&ul=en-us&de=UTF-8&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTQ5LjU2LjE1My4xODQ&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1916364193.1681528022&tid=UA-102456694-1&_gid=1570841255.1681528022&z=1910124078

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 01:35:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5471
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame BDC9 0
217 B 860ms
266ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 03:07:02 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 13BF 332 B
417 B 6080ms
6040ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 03:07:07 GMT
referrer-policy: no-referrer

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8008 5 KB
3 KB 356ms
204ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 8008
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

46ms
45ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 8008 0
218 B 859ms
265ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 38ms
37ms Ping
text/plain 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je34c0&_p=1177014739&cid=1916364193.1681528022&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681528021&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&dt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame FB72 575 B
644 B 103ms
20ms Script
text/html 2600:9000:2512:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:03:02 GMT
content-encoding: gzip
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: JFK50-P7
age: 240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: eXOMuDKsJDp2yyIYomLCTqvUJCUToPhNY8AyHA2IMQNJ0oRwYT-4Ag==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 0B1D 905 B
732 B 101ms
21ms Script
text/html 2600:9000:2512:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ed74e72b416728f59f50d31d28e49a600686f2305a5e01b9345f7ca614101b63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:03:02 GMT
content-encoding: gzip
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: JFK50-P7
age: 240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: aaR7JHAWj_WUybhcNvoUBX_ly-VLxrehJlGTSFkK1U9Y9fC6VgrryA==

GET
H2 200 1681511369-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2023/04/ 128 KB
129 KB 129ms
34ms Image
image/jpeg 2606:4700:3034::6815:6009
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/04/1681511369-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e023dff186832c6a9062473e5bbadbab1a9ba3b12654fc51235a13a407ae60b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131422
last-modified: Fri, 14 Apr 2023 22:29:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM6yxHTl9qmYGZdm%2Bw2caVj6lgGgZGcLKSwaKOsa3yMNti%2BBwGPb3iyzgcksDOyfaVWQD6pb1dgkTnueFTCBBo3DNX4w%2B9VSC%2BoPHUuON2qzdJlC59Dyr48TGVLS8Geiy82rQQtNB94Kqzxrfk1e"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b80f9d9dd4a11a3-ORD
expires: Fri, 21 Apr 2023 22:41:14 GMT

GET
H2 200 %E8%B7%9F%E9%A2%A8-Youtuber%E3%80%81KOL-%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9C%9F%E8%83%BD%E8%B3%BA%E9%8C%A2%E5%97%8E-2-750x375.png
www.rayskyinvest.com/wp-content/uploads/2023/04/ 273 KB
274 KB 126ms
30ms Image
image/png 34.149.36.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/04/%E8%B7%9F%E9%A2%A8-Youtuber%E3%80%81KOL-%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9C%9F%E8%83%BD%E8%B3%BA%E9%8C%A2%E5%97%8E-2-750x375.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.36.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.36.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73e18bfe1a45f8cb774ec7f8526277d36a113618d90ed3b6d44c713962ff26b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 15 Apr 2023 03:07:02 GMT
expires: Sat, 13 Apr 2024 19:23:33 GMT
last-modified: Fri, 14 Apr 2023 18:55:23 GMT
server: nginx
etag: "6439a19b-44589"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 279945
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 %E5%BD%B0%E5%8C%96%E9%8A%80%E8%A1%8C%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/04/ 56 KB
56 KB 169ms
103ms Image
image/webp 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/04/%E5%BD%B0%E5%8C%96%E9%8A%80%E8%A1%8C%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18bb0e90797ec6f226137169e5775aceac0cb1ede819c3526b431cc2034db84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 2.yyz _atomic_dca BYPASS
content-length: 57142
x-nc: HIT bur 5
last-modified: Fri, 14 Apr 2023 09:55:21 GMT
server: nginx
etag: "a0eb31a3ae0e1194"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 13 Apr 2025 21:55:21 GMT

GET
H2 200 Vymo_Logo.jpg
mma.prnasia.com/media2/1026997/ 16 KB
17 KB 81ms
28ms Image
image/jpeg 2606:4700::6810:fd04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1026997/Vymo_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fd04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f0637711cd180a6cb50f2882d67a419ac556e21ad9ec02ade9f5e2df2bc063b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
cf-cache-status: HIT
age: 60150
x-powered-by: ASP.NET
server-timing: intid;desc=5e61ab3fbcea7efb
content-length: 16859
cf-bgj: h2pri
last-modified: Fri, 14 Apr 2023 08:31:51 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7b80f9d99c56ece6-YUL
access-control-allow-headers: Content-Type
expires: Fri, 14 Apr 2023 08:31:52 GMT

GET
H2 200 2023041403051756.jpg
img.racingcharger.tw/wp-content/uploads/ 114 KB
114 KB 178ms
38ms Image
image/jpeg 2606:4700:3032::6815:43a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023041403051756.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6729563a7dcd413a09f819cbd4ed5f581a3d3ebd65c52ea411d85d77067f4526

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 03:05:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26700
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBlmmUUbRLKTC%2BnY%2FdKYodbsdIbxg6O6ms8FaCBCycouOZc1Z7XWTKyouzwSjFMnjLW43ywNUGxA%2Bm2zQ53KRsj%2FOcygcVLc5lOrcLMASnYp6GyK01IPNehRRpfHO82BZdNPNmcFBm53%2Fd44UuUPGzkDiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7b80f9da2f3d10ab-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116240

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 331 KB
331 KB 57ms
15ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 15:31:27 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 128135
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338711
wix-tracer: 2ONT9PRngBNXpVOFoU1NM4fbJLr
x-seen-by: image-manipulator-54fd5c7947-lzpnk

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 615ms
196ms Image
image/png 35.185.136.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 487 KB
488 KB 64ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 09:13:55 GMT
server: nginx
etag: "f7d4c4808cdae700"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 498450
expires: Wed, 08 Jan 2025 21:13:55 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame AF26 7 KB
1 KB 23ms
20ms Script
text/html 2600:9000:2512:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:01:51 GMT
content-encoding: gzip
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: JFK50-P7
age: 311
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: zrEI8tyYV8xF731cK-Leq6YVWd6CyuMfSTCcrClu-NAPWbGlxpej0Q==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame A8B3 756 B
691 B 23ms
21ms Script
text/html 2600:9000:2512:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:03:02 GMT
content-encoding: gzip
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: JFK50-P7
age: 240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: JEEq6xniQKzPIrM_wrnIgspU6Qrb7WBeHmybS0I0R7DX8ikc53YqRQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 88ms
33ms XHR
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102456694-1&cid=1916364193.1681528022&jid=1310666146&gjid=1268762503&_gid=1570841255.1681528022&_u=IEBAAEAAAAAAACAAI~&z=1894569706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
127 B 19ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&rl=&if=false&ts=1681528022068&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1681528022066.1471806994&it=1681528021737&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 03:07:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame FB72 2 KB
999 B 1033ms
313ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=847&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b5631557d4a0e8f36801f90e601b47095e63bf30162b6e10e6fb87cd87fa7ecc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame FB72 3 KB
3 KB 30ms
29ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 12
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: NaKU1HXwibJcRsuq8Rlzz7K-TxrL9_y0sBg-DgGss-zhDR8RZ_sLJA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame FB72 3 KB
3 KB 20ms
20ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 03:06:32 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 32
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: lhB_-YyjUdaG3BQi_MbpwxOsXGwM6LyooW6c9oq4FMnJj92MDng45w==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame A8B3 2 KB
1 KB 993ms
275ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=676&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7fc0ad2c7249978b6cbfb8b5d2fead7f0d60116cdb47bc8516ff5cd7d0941e56

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame A8B3 3 KB
3 KB 29ms
25ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 12
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: E5626uEg87Vc0KS-CrMDPAbhZq77qLt6x3yfOv5S2ryZpoxzwhvCBg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame A8B3 121 KB
40 KB 100ms
49ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:02 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame A8B3 2 KB
3 KB 33ms
27ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 12
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: mMiBZL8Z8BwtDCNTu06UGv8PHygCqYlBx8rfdiXYoMW4WcLmvoEpJw==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame A8B3 4 KB
5 KB 33ms
27ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 4
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: -gGHd081hFK58-SUy8jy7lHpLLfak11nEMdgJXQeeyCfdNdOlQWG9A==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame A8B3 3 KB
3 KB 23ms
18ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 03:06:32 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 32
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: uQLzp__WpgiEpAJzgXIF5tkWy1it4D8ApXLjTrreLpNYKhM4R3Ux1Q==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame A8B3 6 KB
7 KB 34ms
28ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: EzirIRaBPokkE8Bjnz2l-0NTPe2HJMiUfBaHRzcM3CdmEEWjBnCbQg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame AF26 2 KB
1 KB 1027ms
312ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=412&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: af6ba1c43cbb747c782cafa6d73dbcee9ceab96ae865144138380f8a935be96d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame AF26 6 KB
7 KB 33ms
27ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: z2cQ_8k6xyQ-bSRkazzcr_HbpXNdxtt_ksLS5nNInDze5PqEqc92eA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 0B1D 4 KB
1 KB 1019ms
306ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=928&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d09c7e9ab90fb033006b924de33631051bd6a39e6a409254cb756b63ee8863d8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 3 KB
3 KB 25ms
21ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 12
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: YVHongDyQl9IaaU4tEwshobHPin1C3WUbJzewoh1K48THTKhHzkhpw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 0B1D 121 KB
40 KB 124ms
76ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:02 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 2 KB
3 KB 30ms
26ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 12
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 3Iroj1lcD0ua94SWxKcC4PmpzdGJ9z7ikqxeySeyXTMvEWxR1TirQw==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 4 KB
5 KB 31ms
28ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 4
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: TBmKEeQt0TViUzghLiO-JpsZgKhkjUsfwAI_WEVyZBi_AhYjOqTXgg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 3 KB
3 KB 32ms
29ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 03:06:32 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 32
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 6th6vFgEmAKAp1VM0sRVLyYh0T-48YM2oBHLHClm8P4ueQ0lD4YgEw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 6 KB
7 KB 32ms
29ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 26
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: uGVfQj3liDAX7yqbz_wtxAyQ0agAFZ5mLRU6blNzhbKO-H-3Db80Ww==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 96ms
40ms Image
image/gif 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=1916364193.1681528022&jid=1310666146&_u=IEBAAEAAAAAAACAAI~&z=1187440123

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 91ms
36ms Image
image/gif 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102456694-1&cid=1916364193.1681528022&jid=1310666146&_u=IEBAAEAAAAAAACAAI~&z=1187440123

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 1CB0 573 B
626 B 18ms
18ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 4fFZinlHznBEST2yy6l1Ya5OGl021A9FEOPgyb493KIALIjz3NCr0sJWQAbqu+HwPYf9fjHEbD1S/jBAcYptHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Apr 2024 11:58:50 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame A7E8 108 B
496 B 18ms
18ms XHR
application/json 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:04:36 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 146
etag: "6439a638-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 8lytyh0VuYJeIhLICbik-LzG5FtwkgSPswqEv_zsXOv2vUyoMeibfg==
expires: Sat, 15 Apr 2023 06:04:36 GMT

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame A7E8 0
176 B 135ms
51ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=4935d5fa-c645-479c-882f-387f9641a374&u=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=a3d2337c-3ec6-47db-b0d2-f54b51cb7f08&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Sat, 15 Apr 2023 03:07:02 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A7E8 0
176 B 901ms
264ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 03:07:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame A7E8 0
216 B 77ms
26ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=67906941018

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A7E8 2 KB
1 KB 650ms
218ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.019295486176687415
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6b2e648e27c74470e73c88199b2d17ac6c6e9ed2a2cbd0d85e47299259d2f259

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true
content-length: 1473

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame A7E8 0
218 B 1152ms
519ms XHR
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1681528022137&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 BW7a5tS7MH9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 1CB0 10 KB
4 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/BW7a5tS7MH9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35ezpiND1KsgnE8MWEcrlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3500
x-fb-rlafr: 0
x-fb-debug: CQpQcmYmVUQAFpHq4T47xf7yFAuqIvZdnM3XpM1e+o9xoQLV/L6O6Bk3d6F0Ua9FhQoNlC2QYKTPyUZffkVLqg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 12 Apr 2024 02:03:04 GMT

GET
H2 200 Zj4GuFghQl4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 1CB0 12 KB
4 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dBSAisRg2e2k/EbKxbTt7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3450
x-fb-rlafr: 0
x-fb-debug: 1p5v4MrRjD4tEoWmerFTXnt1tTkpU1EuyHpHR2wxuV/seu/yAfskaQ9er4EjOEnoKw3RNbCQYU6/dg+DUzpeJg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:17:46 GMT

GET
H2 200 wFDi4gNQG6i.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 1CB0 335 KB
73 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/wFDi4gNQG6i.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +o34IKUMS7CgN5ozA9WUtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74026
x-fb-rlafr: 0
x-fb-debug: XGnZXUzK7ITgDYHNarZPN5uRZXLSM8na4VW2fEey4QTjDK4JmE1BD6/NqwlD522qxjnt8pEh8Hnv/X9TeMW0Bg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:49:33 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 1CB0 840 B
548 B 21ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: h2Kid0bUOD5uM898FpFWt/KRqWJ6ntQTXHoBa29Hu30R3x/XiP+K32o1galTXyO0m7AbDB/auAm43NRiJf3YUg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 31 Mar 2024 08:54:11 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 3175 108 B
495 B 18ms
18ms XHR
application/json 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:04:36 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 146
etag: "6439a638-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 108
x-amz-cf-id: FAoiqyncWWHPAe3-YFU3UX_d6dzMg68BsMa-fahfs2hgwAWVAM6GfA==
expires: Sat, 15 Apr 2023 06:04:36 GMT

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 3175 0
176 B 105ms
55ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=4935d5fa-c645-479c-882f-387f9641a374&u=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=c453698e-0671-4f44-a15d-d548f68ea0bd&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Sat, 15 Apr 2023 03:07:02 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 3175 0
218 B 797ms
280ms XHR
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1681528022195&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 3175 2 KB
2 KB 776ms
462ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.43151001462347716
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de2189900c580d964bcb40a316b12021be3b8cad1ffca4a536c3c22205297998

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true
content-length: 1529

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3175 0
215 B 29ms
29ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=64024611652

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3175 0
177 B 778ms
263ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Sat, 15 Apr 2023 03:07:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame FB72 0
170 B 977ms
475ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A8B3 0
170 B 976ms
474ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A8B3 2 KB
2 KB 511ms
213ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4986098906555705
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bdd0f418e7490689676049a2309f560c5e0b345e6c64e3707dd7a12ee13628cc

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1375

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame A8B3 2 KB
1 KB 515ms
217ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9764379437525827
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 741e9864cc92729f93ac6f5ec564b2362816dd629517aa5761a5caf4d430514b

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1460

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A8B3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=BxerxQkhC867ZIct1xQ6ZA

2 B
168 B

196ms
193ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=BxerxQkhC867ZIct1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=BxerxQkhC867ZIct1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A8B3
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SpYKSvzUCeGAgCdi1xQ6ZA

2 B
139 B

199ms
196ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SpYKSvzUCeGAgCdi1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SpYKSvzUCeGAgCdi1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame AF26
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=7JM6-600CMeZDrv51xQ6ZA

2 B
20 B

285ms
284ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=7JM6-600CMeZDrv51xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=7JM6-600CMeZDrv51xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0B1D 0
170 B 763ms
265ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:03 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 0B1D 2 KB
1 KB 756ms
460ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.006519222008121606
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd4643650ef1fd81194c8ca24134b7abf5bdafa2ac5c4f24292afc26a71b0da4

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1471

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 0B1D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=SXbyoSEHDh691qja1xQ6ZA

2 B
139 B

197ms
195ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=SXbyoSEHDh691qja1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=SXbyoSEHDh691qja1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 0B1D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

2 B
20 B

214ms
214ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame FB72 5 KB
3 KB 203ms
203ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A8B3 5 KB
3 KB 202ms
202ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame AF26 5 KB
3 KB 201ms
201ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 0B1D 5 KB
3 KB 202ms
202ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:02 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
402 B 205ms
203ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c52655c1e75a0878043d63b0dead220f6e0119b4648d8a4f1db5bf3674e0c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8008 37 B
408 B 204ms
203ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

466a427994880eeb4f60a72e1ce472626ff6139258fcd724110f61d9fda983ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A8B3 20 B
307 B 30ms
27ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=99516692428

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A8B3 20 B
307 B 28ms
26ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=12696768046

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 1CB0 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 1CB0 907 B
565 B 52ms
51ms XHR
application/x-javascript 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3ac7e567de8f507f3f13592e80bfe050a9972fb038699427f4ed13d85bac38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: B9rtZ-jj7CqPaUFYPp9wBJ
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 03:07:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: QTi8F93PqSqPNDoQlgy+8Nogkqn8MrSyQe/1GRmB+FDvl1oX/ZK0+2AHk5Y9rPYjbhdBIHAZD/IaOhuL2yz9GQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 1CB0 907 B
555 B 50ms
50ms XHR
application/x-javascript 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yP/l/en_GB/Pv0iK0zPy4O.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50928241be05b5a5c4932449c1bc580713bf68b2238db3d4d96648ce01631823

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: B9rtZ-jj7CqPaUFYPp9wBJ
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 15 Apr 2023 03:07:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: IF1Z/HMKCEJ6TICI/Yy7nE5ASeUN7zMMD9OMgIsjqt3EY4XS6O4UryfTJCyIckJHIwWZkTeHDBqDvSrfm6C2sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 1CB0 12 KB
12 KB 19ms
18ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: 10xESNyuEQcmAvJypm5SYT51qtvBFkwpbioQ7EYESB57nmZLex3CGu8YnAl7EZCnLodIpNfMuwiNgVxD79LbnQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Apr 2024 08:54:08 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 1CB0 1 KB
1 KB 21ms
20ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/z7wmxKtIZsi.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: qG9YLxoodl37unjpoR4Ivg2IK8HvGUUDXTZvzv5qlw8OnDfaSWm0ef3bvM1pnDlQcJPHffQB3HevkOpOzDXHuQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 31 Mar 2024 16:24:30 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0B1D 20 B
307 B 28ms
26ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=80119582482

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

POST
H2 204 events
bidder.criteo.com/csm/ Frame A8B3 0
209 B 26ms
25ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame A8B3 0
209 B 25ms
25ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1CB0 198 B
254 B 19ms
18ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: EZFx3k4JFNTil7ECfEN4cMEzTIEcLoBeJK5t46GAdlfnJoZ9sOCFE1ndmLftPLo56WlVELbj7gVH3aX/MKWsxA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 31 Mar 2024 12:13:07 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 0B1D 0
209 B 24ms
24ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET /
www.facebook.com/login/ Frame 1CB0 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 1CB0 0
0 96ms
95ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/PTAMAF8Hi8v.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 15 Apr 2023 03:07:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: W9MI3nOvDhgZ3yZHLv26J5mOi5bjfM7Tl4FCWYUvW2OyTGKn/+PGEos8zDUI2jdGwImdzJGnrsRHj2aQYrj5QQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame FB72 37 B
402 B 204ms
204ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0c16cc91a6b87a91cf466974b74b7618ded03bc511a0c8c2c0da803a6524855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A8B3 37 B
402 B 207ms
207ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

f61cd997410f3ab38e9b388aa872853d030608cc9857d88fe3d122007646fd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame AF26 37 B
402 B 207ms
207ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0aa50482e0443a679a0e25093a5ab55e39f55da632e3fc5a89103d89f2b48472

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 0B1D 37 B
401 B 206ms
205ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

65b5cbb5228409a318a772e1431591f48da58d13ee8aa9b9e20e22de9cb9fa19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 206ms
206ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=b30ccdf5-4162-4ff2-883b-6d9683522afe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:02 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST bz
www.facebook.com/ajax/ Frame 1CB0 0
0

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 219ms
218ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=b30ccdf5-4162-4ff2-883b-6d9683522afe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/ 0
79 B 1185ms
191ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/pixel?bd=b30ccdf5-4162-4ff2-883b-6d9683522afe&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame AF26 0
187 B 215ms
215ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&mp=b30ccdf5-4162-4ff2-883b-6d9683522afe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/ Frame AF26 0
79 B 967ms
192ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/pixel?bd=b30ccdf5-4162-4ff2-883b-6d9683522afe&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/ Frame 0B1D 0
79 B 962ms
192ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net/pixel?bd=b30ccdf5-4162-4ff2-883b-6d9683522afe&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 0B1D 0
187 B 210ms
209ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&mp=b30ccdf5-4162-4ff2-883b-6d9683522afe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame A8B3 10 KB
11 KB 20ms
20ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=676&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 52
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: NkHCj5u7d49B9pTcI12YCsAyiztRizO53HFrxN-VgLOr-SLH2CQNGQ==

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 4B61
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

21ms
20ms

Script
application/javascript

52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:04:20 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 193
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: SUWBmx7TtQbs4z-RmrSRp7NnSfHcNqhT7uBThy3DbuBkwzMvlLxmQQ==
expires: Sat, 15 Apr 2023 06:03:51 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Sat, 15 Apr 2023 03:07:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 3175 3 KB
3 KB 1043ms
205ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.04448205234783287
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 858830a2570046f6876910c915a69c236f9f7cb8e586f772c3419af5f7f1d428

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1623

GET
DATA 200
OK truncated
/ Frame 3175 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 0B1D 10 KB
11 KB 20ms
19ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=928&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 52
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 18MPKoBuYrGR3rrQfVh_HdDTMugRQbUcNnFajM0wuEyMfexTLoKgmA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame AF26 10 KB
11 KB 19ms
18ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=412&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 52
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: VopneYQKl1zjK5Wj9CN3BSXiiIfkq64AmU7Qgi_s0bnKv1x90wjm-w==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame FB72 10 KB
11 KB 20ms
19ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=847&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 52
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 7FVcQSCc6X0jPkojRksfZcpGh-T43TNjcQQoEaljn34EGkySmHV-Ww==

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 05B3
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

24ms
20ms

Script
application/javascript

52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: H2
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:04:20 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 193
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: KNF_0NkAyrBp8k9EyW3s8TO7Ea-m_osl5e07dwXfczJIqt5T3_wYJg==
expires: Sat, 15 Apr 2023 06:03:51 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Sat, 15 Apr 2023 03:07:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame A7E8 3 KB
3 KB 1004ms
205ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.43583571215314465
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c9988dc8b74734b23c6f8c9163b9fbd70c6fa1fde469b264de99fbf16500f928

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1626

GET
DATA 200
OK truncated
/ Frame A7E8 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 0B1D 17 KB
18 KB 31ms
30ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: kkrecLjTCmtYk7MhHvrWisOHbcp7EGGA
date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:04:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 4
x-amz-server-side-encryption: AES256
etag: "6a678a06d6d5e5cce801fa3da3d54280"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17516
x-amz-cf-id: oaiisX4Jk2ritzYwG3jDVraKlH8KlpDXV6WkJw8XxCFDiaJTEpIYYg==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 0B1D 1 KB
2 KB 19ms
18ms Image
image/png 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 14 Apr 2023 07:05:18 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2016 08:32:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 72106
etag: "a77740eea95ba2ef6436403310c6f59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: uyrvDt-kbRAbf_gTtDOkKtglGDffTVxsc0qCIix17BdU0yGM4WIUAQ==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 0B1D 2 KB
2 KB 45ms
23ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: OrL1Aq4xaUNXTNN8qYKdqkpVJ5QfOFVC
date: Sat, 15 Apr 2023 03:07:03 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:04:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 50
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: RNttbi-lozyM6IWjVNnLUe-vZN36gQggWahgY0q3sMRrKsyE16le6Q==

GET
H2 200 013f78161139e3e2c56fccc1c73b3a29.jpeg
cdn.holmesmind.com/image/16076/ Frame 0B1D 78 KB
79 KB 37ms
15ms Image
image/jpeg 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/16076/013f78161139e3e2c56fccc1c73b3a29.jpeg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f65030722e49610453f4d7ab90d76b69f151001e1f1855443b7d8bea8daac94d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:33:59 GMT
x-amz-version-id: TL142wGOGTDgvPN3qP_L7qxNf6x_6xx.
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Fri, 10 Mar 2023 09:48:52 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 66785
etag: "011a89dafc0c960eecdc8197b1a57f51"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 80222
x-amz-cf-id: xQXgV9pU8H-pKKN-713enGaCEkv1UAP60lIKM-Tmh-eEU93VnyO-oA==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 0B1D 0
77 B 359ms
338ms Image
image/png 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1681528023&p=14210:71285:150193:ac356ce7912ddf756f3b52940f04f155:16076
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/png
date: Sat, 15 Apr 2023 03:07:03 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DEFD 77 KB
25 KB 207ms
81ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01ecf2059c1f90fe83dcf397cf242085b033983b34e788ebd2c99c037eec0f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25598
x-xss-protection: 0
server: cafe
etag: 379 / 19462 / 31073791 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1C9C 77 KB
26 KB 143ms
54ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f4201e80c122e9316411e7b8629f712eb58ca9a2dc638d4496af43b286226ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25616
x-xss-protection: 0
server: cafe
etag: 925 / 19462 / m202304110101 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 03:07:03 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 523B 17 KB
18 KB 51ms
18ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DUhNY4EFxx.4ZxHOJWw5a1tFjsqena_.
date: Sat, 15 Apr 2023 03:06:20 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 50
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: MwlrrlMq443dIshwRfvOYF5prdDkRh6BuElA1G-gwp3vBxwSQzNxzw==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame A7E8 87 KB
28 KB 57ms
30ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:03 GMT

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ Frame 523B 51 B
260 B 295ms
274ms Fetch
application/json 52.69.218.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13857&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.218.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-218-118.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame A352 7 KB
8 KB 27ms
18ms Document
text/html 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 9
content-length: 7381
content-type: text/html
date: Sat, 15 Apr 2023 03:07:01 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Thu, 13 Apr 2023 07:03:38 GMT
server: AmazonS3
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-amz-cf-id: YEpY5zuJS705OJVKkd9gDEU-CagFsahyGXNMC9G4ies9LJeFpQP__A==
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: dx1zZGj7kM5P2QQxgaZZkMgXwhIKv6rf
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 523B 662 B
1 KB 33ms
19ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: NKk4DvuerUEJSZO2Q_zQvbJHzZhMaWpl
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:15 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 16
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: BkWmDaO2TUPO4Q-ipoRlpg-lcaGLGGt4cFlIbdBVCrwaKKTQBVqSpw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 6D12 15 KB
16 KB 25ms
20ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: BDmwaD25zAZXCzgujfpq5axvW6cde0Fd
date: Sat, 15 Apr 2023 03:07:01 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 28
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: GzG4-iDiHrjYmdNA0EVGoc5VS28ZW5nfmr2bS4v2iKhPEfUSE_-HFg==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3175 87 KB
28 KB 29ms
29ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9E25 15 KB
6 KB 104ms
32ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 853017
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame A7E8 87 KB
28 KB 113ms
49ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:04 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 5708 0
217 B 275ms
273ms Document
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 03:07:04 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 666D 95 B
332 B 48ms
42ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Sat, 15 Apr 2023 03:07:04 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A352 5 KB
3 KB 229ms
228ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:04 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame A352 0
217 B 272ms
271ms Image
text/html 52.194.43.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.43.130 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-43-130.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame A352 0
15 B 1111ms
1110ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame A352
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_gid=CAESELFMNCyWefIVeIcCumZhyp0&google_cver=1

0
473 B

573ms
171ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_gid=CAESELFMNCyWefIVeIcCumZhyp0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
x-guploader-uploadid: ADPycduI0b2713gfJ9xCzzG2x6UK-BoX3_oItsxrTi8h0Zos24W393-grKtzEnuH1g7FvUwYnfUJSLq0m4LY9UuuU7FboQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 15 Apr 2023 04:07:04 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&uu_m=undefined&google_gid=CAESELFMNCyWefIVeIcCumZhyp0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 6D12 1 KB
742 B 21ms
20ms Script
text/html 2600:9000:2512:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:04:38 GMT
content-encoding: gzip
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: JFK50-P7
age: 146
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: ZRy7OExEGdWpUHRbXGquGohYQihOnNg37ae79v_qritefPD6pUBeUA==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BDBB 15 KB
6 KB 50ms
33ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 339864
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3175 87 KB
28 KB 46ms
36ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:04 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame 1C9C 400 KB
124 KB 30ms
26ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 03:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86248
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 03:09:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 1C9C 530 B
290 B 100ms
43ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ Frame DEFD 398 KB
124 KB 65ms
64ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44921
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126408
x-xss-protection: 0
server: cafe
etag: 11042757488233447259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 14:38:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame DEFD 530 B
290 B 86ms
48ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 6D12 2 KB
1 KB 362ms
360ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=765&o=1&fc=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&d=1&b=2&ts=1&ii=2&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c7424d2a06fdc0dc2bbaa0fec9802f2ca34aed324f7d8960bb68748336d69d0d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 6D12 3 KB
3 KB 23ms
20ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: DlDm2.RaHqnwd1PNmY0dNCVp5YdFVv6_
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:39 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 14
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: WiwedGao1GVO9Iuf0Z4M1FcMwakVOpKteWxOuY-TTggsUegk5fVveg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 6D12 121 KB
40 KB 34ms
29ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Apr 2023 03:07:04 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 6D12 2 KB
3 KB 24ms
21ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: PY2bcG6xDpnYGIi3HqgNZW1F0xtNtFx9
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:02:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 14
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: UX6xmE-4ldlTodW8MZXPFoOE1bsogVXHCVYFJF4plV5I1W4VGBL4Yg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 6D12 4 KB
5 KB 25ms
23ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: boIKRsKmKdtT.J77QHrBLe19jkz7V0u.
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 6
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: srCqT122_hUnR20AIWxkB1McSxopPIgZnNX9X7PPgsACvuapsGmkNw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 6D12 3 KB
3 KB 25ms
23ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: bBaDhinVDm2bQtBAHs6w8Ot0TdmtaBTy
date: Sat, 15 Apr 2023 03:06:32 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:32 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 34
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: I-H6e2A61yHesFrMGApXdsekn-oKV1JVfZD4h7DGHF-UNekY2sNHSQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 6D12 6 KB
7 KB 26ms
24ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: lsUCSJJiHzZ.l3kqzr7xEkgy8qV8KR3d
date: Sat, 15 Apr 2023 03:07:02 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 28
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: CeIPt3jt9jVKvNeUXYSlXuyIHny8NIWzk69s8r7_rNNckFPNQ2DrOQ==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9E25
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zi47xXwyeWQzZW1ISTFhMTA2YkpYZ2dxY0VmTzFVc3N5S0RJTEpWenpUOUpVbCtxTGVMeEo5QTluUmt3UERTeHBTRFR6L2d0UG12Tnh4L21IRURZcXA1RHpmU3IxMmM5UjErUFRpeUVlM1JnajB1VFJWL2RzZnNwSDhHOD...

449 B
661 B

524ms
27ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zi47xXwyeWQzZW1ISTFhMTA2YkpYZ2dxY0VmTzFVc3N5S0RJTEpWenpUOUpVbCtxTGVMeEo5QTluUmt3UERTeHBTRFR6L2d0UG12Tnh4L21IRURZcXA1RHpmU3IxMmM5UjErUFRpeUVlM1JnajB1VFJWL2RzZnNwSDhHODByQWJ0cmVJUHdLT3JhZHQ2MVRlaCs2NnY3VDg3eFRCcFpwdkZWWmRBVkJwR3lUV0NoWlFaaCsvQ0ZxMndaOExPNWlaYXVsOTM0aThYZDBpdEhiNGFTbFBDZTRVdHJaL3MyNk51QjBEcFljVzdNUGp4cno5dnprVkY2RStjK2VpQU9WRzl4T3Q1WExRS3Rlbmp3VlZSS2lYalRJaWdYUT09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f71e473c0e38d24fde08a924c53c4c642dcd2341e1057ed0bf970ec3aab30ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2733012
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zi47xXwyeWQzZW1ISTFhMTA2YkpYZ2dxY0VmTzFVc3N5S0RJTEpWenpUOUpVbCtxTGVMeEo5QTluUmt3UERTeHBTRFR6L2d0UG12Tnh4L21IRURZcXA1RHpmU3IxMmM5UjErUFRpeUVlM1JnajB1VFJWL2RzZnNwSDhHODByQWJ0cmVJUHdLT3JhZHQ2MVRlaCs2NnY3VDg3eFRCcFpwdkZWWmRBVkJwR3lUV0NoWlFaaCsvQ0ZxMndaOExPNWlaYXVsOTM0aThYZDBpdEhiNGFTbFBDZTRVdHJaL3MyNk51QjBEcFljVzdNUGp4cno5dnprVkY2RStjK2VpQU9WRzl4T3Q1WExRS3Rlbmp3VlZSS2lYalRJaWdYUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 527989
content-length: 0
expires: 0

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame CA5E 1 KB
1 KB 44ms
36ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2064
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 02:32:51 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 02:32:40 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: XbMVrpBtdLT0BYGmE84oBcs5ygIsmQnvN3JXuz1g1_W5dQmD_kestg==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 601A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMzA0MTUxMTA3MDQ5MzM2MzA%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0

0
551 B

223ms
222ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:03 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CF5D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

100ms
20ms

Document
text/html

23.3.115.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-115-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 03:07:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 15 Apr 2023 03:07:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 601A 0
15 B 55ms
54ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1681528024267&cd[SBST]=17&cd[PuID]=reurl&cd[labelsource]=sp&ud[external_id]=e1dae87ae11915cc5d6e9d6a51dd3540b7ee077a3fef5fb4af5f72de948a6a83

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 03:07:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 601A
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20230415110704933630
https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802

35 B
581 B

222ms
220ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802
Date: Sat, 15 Apr 2023 03:07:04 GMT
Connection: close
Content-Length: 101
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame BDBB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=x7e7enxoNldnWW0wV1FOcnBGSWZzT05ZSUxSNU1weXlqazZiUHpoblI1bjBFUm1SRkF3akt3ZUpkam55Z2NUVDU1YkxUTmdHSTlJSExIbFF1eHhxT3NyT0FsakI0cVl1TEV4WXIrdlo2SWN6Qkl6enJMZCsycExmbGRyak...

438 B
660 B

420ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=x7e7enxoNldnWW0wV1FOcnBGSWZzT05ZSUxSNU1weXlqazZiUHpoblI1bjBFUm1SRkF3akt3ZUpkam55Z2NUVDU1YkxUTmdHSTlJSExIbFF1eHhxT3NyT0FsakI0cVl1TEV4WXIrdlo2SWN6Qkl6enJMZCsycExmbGRyakliNjNvbGVrWTZuUkxteUpjY2J6OWlTQWJqTTB0dWFZUjQ4WUJwZmxsbEtsTURZWEprVVNlOVFWWklEekoyZUJXUWsyTEFSVXNzWGgvemhWajVUT1EwZUxVOXBRcWhoZjFwU29UWXNMNkxZR3FHVkF4cHZtN2w0eTE4cSswc2U1U1M3b3pqbnpQWFBVZ1dDTkcxN2wvUkgxcWJ4Zy9kWUNVZjhxWDFIS3g0cGt1aDhBalc1dz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7730b08f6c5794f9ee9395e4e0c816f885bdac041d4dc892d8b3bfa8b32f83b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2446864
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=x7e7enxoNldnWW0wV1FOcnBGSWZzT05ZSUxSNU1weXlqazZiUHpoblI1bjBFUm1SRkF3akt3ZUpkam55Z2NUVDU1YkxUTmdHSTlJSExIbFF1eHhxT3NyT0FsakI0cVl1TEV4WXIrdlo2SWN6Qkl6enJMZCsycExmbGRyakliNjNvbGVrWTZuUkxteUpjY2J6OWlTQWJqTTB0dWFZUjQ4WUJwZmxsbEtsTURZWEprVVNlOVFWWklEekoyZUJXUWsyTEFSVXNzWGgvemhWajVUT1EwZUxVOXBRcWhoZjFwU29UWXNMNkxZR3FHVkF4cHZtN2w0eTE4cSswc2U1U1M3b3pqbnpQWFBVZ1dDTkcxN2wvUkgxcWJ4Zy9kWUNVZjhxWDFIS3g0cGt1aDhBalc1dz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 600837
content-length: 0
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6D12 0
170 B 253ms
247ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 15 Apr 2023 03:07:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 6D12 2 KB
2 KB 231ms
223ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.24135488993106047
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-181.hinet-ip.hinet.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 247660d21012b7eed855272f346d4f88a4075e347a51fac3aabcbeee922ec599

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1474

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 6D12
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

2 B
20 B

193ms
193ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:04 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 6D12
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA

2 B
20 B

196ms
195ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 15 Apr 2023 03:07:04 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=R3rJXEsBBQemhJ4T1xQ6ZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame 1C9C 107 B
531 B 482ms
46ms Script
application/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1C9C 107 B
456 B 469ms
34ms Script
application/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1C9C 57 KB
13 KB 407ms
407ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2488601604662369&correlator=1873476434672691&eid=31073825%2C31073834%2C31073559%2C31070232&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681528024368&lmt=1681528024&dlt=1681528023864&idt=456&adxs=640&adys=364&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=c26pou1y0p0s&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&ref=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&top=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1916364193.1681528022&ga_sid=1681528024&ga_hid=310531577&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e461a5448b3c86bc890703e35662fd164dc6e071423b8c435728d5c36938beb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13266
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1C9C 15 KB
11 KB 460ms
46ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c7f27d9302d40b6ff1364536088d17c0d862580710f07e5344d469e0fe82781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11260
x-xss-protection: 0

GET container.html
d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8D3 0
0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6D12 20 B
307 B 54ms
53ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=12328988666

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Apr 2023 03:07:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 6D12 5 KB
3 KB 202ms
201ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 15 Apr 2023 03:17:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame DEFD 107 B
165 B 76ms
57ms Script
application/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DEFD 107 B
165 B 62ms
44ms Script
application/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DEFD 45 KB
11 KB 802ms
802ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4160504276391415&correlator=3127865120936408&eid=31071991%2C31073678%2C31073791%2C31073829%2C31073837%2C31070232&output=ldjh&gdfp_req=1&vrg=202304100101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=129673690&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1681528024799&lmt=1681528024&dlt=1681528023822&idt=598&adxs=315&adys=567&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=qumva2tty3eq&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&ref=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&top=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&frm=23&vis=1&psz=970x90&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1916364193.1681528022&ga_sid=1681528025&ga_hid=936337608&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b64bb0d20922746a87312330694e2031794c6816de8231a3d3f9fc10e39667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11096
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DEFD 15 KB
11 KB 44ms
44ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acab16b9e28b18573f526a1358b8e77e2b30505ef69639f3c3f57eac2a050e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11326
x-xss-protection: 0

GET
H2 200 container.html Show response
df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E84 6 KB
3 KB 118ms
41ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:04 GMT
expires: Sun, 14 Apr 2024 03:07:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A352 36 B
408 B 211ms
204ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1757f85274e5852abf3473d640efe7c17691f915849fcd8808afdde646069659

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame CECD 1 KB
1 KB 27ms
18ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 2064
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 02:32:51 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 02:32:40 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: edjgJLkLDu_BYGCFqhzxNzMNjG5aiOaCO5GbWu6mpnfcX-aLTvFfUw==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 09A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMzA0MTUxMTA3MDQ3MTk2NTg%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0

0
551 B

210ms
209ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEGXzENqIZ3eL__K73jwrjfk&google_cver=1&google_ula=3918219,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 991E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

59ms
24ms

Document
text/html

23.3.115.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-115-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Apr 2023 03:07:05 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 15 Apr 2023 03:07:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 09A0 0
15 B 23ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1681528024839&cd[SBST]=17&cd[PuID]=reurl&cd[labelsource]=sp&ud[external_id]=e4b01995fc28222eb5847962a3935ef1624483befdd7bbee55abbe1e06598143

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 15 Apr 2023 03:07:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 09A0
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20230415110704719658
https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802

35 B
581 B

419ms
210ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:04 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=6f82f59e-3967-3413-ab12-4f4e29fed802
Date: Sat, 15 Apr 2023 03:07:04 GMT
Connection: close
Content-Length: 101
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 0B1D 0
152 B 270ms
267ms Script
text/html 18.179.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:71285:150193:ac356ce7912ddf756f3b52940f04f155:16076&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.127.135 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-127-135.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 events
bidder.criteo.com/csm/ Frame 6D12 0
209 B 47ms
45ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 4B61 93 KB
33 KB 46ms
41ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 01:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Apr 2024 01:13:24 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 6D12 10 KB
11 KB 43ms
39ms Script
application/javascript 2600:9000:24f0:3800:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&n=765&o=1&fc=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&d=1&b=2&ts=1&ii=2&FPCK=3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT&fp_uuid=3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:3800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: LIZmdv2hFCXzLRIEC1sZeQc0mxpBBOFG
date: Sat, 15 Apr 2023 03:06:48 GMT
via: 1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
last-modified: Thu, 13 Apr 2023 07:03:03 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 53
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: dfqDJeheouvzfcivi3Mh0sYnSsOKnbXMUr-8-MoyAr35o9iy970s0A==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame E98B 222 KB
60 KB 97ms
23ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame E98B 15 KB
6 KB 93ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame E98B 94 KB
28 KB 138ms
66ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame E98B 5 KB
2 KB 94ms
22ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame E98B 40 KB
13 KB 132ms
60ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E98B 8 KB
1 KB 107ms
35ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 15 Apr 2023 02:16:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E98B 3 KB
3 KB 39ms
35ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54339
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:01:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E98B 344 B
570 B 38ms
34ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:23:59 GMT
x-content-type-options: nosniff
server: cafe
age: 34985
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 17:23:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E98B 0
0 53ms
49ms Image
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRofnxbJYw1da1l5wt2cP6mNxxqOZOeagcf6lqX7cb5bk-HSbQxZZ_Ye0dbi2JOakbWj10Ggpdw_jh1QUZOiocxpqMv0g
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E98B 0
0 63ms
61ms Image
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8qbx2BQ6ZL2cGtmYoPwPnNK74Azd4u-BcPfvse3uEbf88_0IEAEg0syBGmD96KKB8AOgAe264oQDyAEBqQKaHreQCnGyPuACAKgDAcgDCqoE7QFP0PrKeZM-UnCiVQ4t42RuKsROpIq5C1No7A-g9hrBxDuMfKHow4InEjyH3b9ZevflY2-_R857plSJW71AKuSQ9J3GMMaCNUYEPE9DhNIpC-Qx3bj9wlNco3sNkxu4gyFR3indkPf5zHgvGH7pYqioCC5qr2o6qk2O2ip0OwYFDvH1W6UhR3QdcxtMYKpGoZRjNZGSIrTAde1A6OcMPJTnTey3q9Zh7XqynYLTgZe1ZWksVaPniFR-V8LQnRRqfu55YuyUd2tFNrTVuPoTQtUahJJ_DCaWMwsdOZDBdG4b8eabFmhXoH5yM09OPc7ABJbdn7aiBOAEAZIFBAgEGAGSBQQIBRgEgAf7xJ17qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-coL0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=C82N8QvBvUk&uach_m=[UACH]&cid=CAQSPABygQiD6N-aBzfhlz6lK7wpACg2QnGls1qgR7WXygwy8hrh_Hh2ng7HQth22g2FQtguQvFyYNoeWeCiVRgB
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C9C 17 KB
7 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DEFD 17 KB
6 KB 46ms
36ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 03:07:04 GMT

GET
DATA 200
OK truncated
/ Frame E98B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05e281469e11497e91db76b031ea480c6bca6ee601ec9b714115fc278c98c30b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 6D12 36 B
401 B 204ms
204ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1757f85274e5852abf3473d640efe7c17691f915849fcd8808afdde646069659

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 05B3 93 KB
33 KB 27ms
26ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 01:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Apr 2024 01:13:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6DA 13 KB
5 KB 35ms
31ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 292972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 17:44:13 GMT
expires: Wed, 10 Apr 2024 17:44:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 242C 783 B
535 B 49ms
48ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8bb12b252c7ba1b0862a3d288e9a22f635400ef16c87fdb62d1b3805f6ce60a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DjSW0HuXsZw1ZZktaCJKUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-DjSW0HuXsZw1ZZktaCJKUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:05 GMT
expires: Sat, 15 Apr 2023 03:07:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 8D71 1 KB
1 KB 25ms
21ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 169
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 03:04:38 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 03:04:16 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: 64oa9FJ6ez2osfN5WuUlmS7dXJ486pj4xakca3CjTI9uvcEIPBWGrg==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 4B61 3 KB
2 KB 265ms
221ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.609780122567728
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b53431caf6daca77bf5a250d12106c4138d3cb9e792708b1e5430199e8c9b644

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 2045

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CF5D 34 KB
10 KB 22ms
19ms Script
text/html 23.3.115.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-115-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5d357e59e464329ea174ee6add3631078f821d8190ff89db5546999578310d88

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 19:05:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57493
Connection: keep-alive
Content-Length: 10019
Expires: Sat, 15 Apr 2023 19:05:18 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E98B 29 KB
30 KB 114ms
20ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 00:26:26 GMT
x-content-type-options: nosniff
age: 268839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Apr 2024 00:26:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D6C9 13 KB
5 KB 27ms
26ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 292972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 17:44:13 GMT
expires: Wed, 10 Apr 2024 17:44:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E9A 783 B
536 B 48ms
42ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22c18b5b72825a3d32935b8e5b3ba142a414e7f746e5c8699a539205e7186040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lmo0MBT3m54pUMRVjMRxmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Lmo0MBT3m54pUMRVjMRxmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:05 GMT
expires: Sat, 15 Apr 2023 03:07:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 991E 34 KB
10 KB 74ms
73ms Script
text/html 23.3.115.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-115-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5d357e59e464329ea174ee6add3631078f821d8190ff89db5546999578310d88

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2023 19:05:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=57493
Connection: keep-alive
Content-Length: 10019
Expires: Sat, 15 Apr 2023 19:05:18 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame CF5D 284 B
921 B 184ms
25ms Image
image/jpg 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 jquery.min.js Show response
img.scupio.com/js/ Frame 05B3 93 KB
37 KB 21ms
19ms Script
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/jquery.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:05:28 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jun 2016 02:46:48 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 102
etag: W/"57578718-17277"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-id: nNemuemJQO2bExXQCTxAd-r62Z-Le_jqI3-noZuD-W3MhUcdAHUMFA==
expires: Sun, 14 Apr 2024 03:05:23 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E98B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

80ms
33ms

Image
text/html

2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 2607:f8b0:4006:81f::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Sat, 15 Apr 2023 03:07:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 0132 1 KB
1 KB 22ms
22ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 169
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 03:04:38 GMT
etag: W/"583295c9-4dc"
expires: Sat, 22 Apr 2023 03:04:16 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: ciKFvPCM2QJaa_aSdEjlViH9_ea8U1K6Tarzp-YG-TlxA7EB-ugxog==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 05B3 3 KB
2 KB 224ms
221ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.5352762355828822
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-175.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e7103ba18461b18abe7bf4f8e973116e62119e9c952dfe67dd6fab2e8e9f556d

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 15 Apr 2023 03:07:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1777

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 991E 284 B
934 B 104ms
25ms Image
image/jpg 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 adimg.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4B61 4 KB
2 KB 19ms
18ms XHR
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/adimg.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 23:07:53 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 619152
etag: W/"6423ff5c-1128"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: AXCNprKmi5QPXZh9NEhZCOGtXy-Z4ou6mNWryqUpauySbEdbbwVXZw==
expires: Sat, 06 Apr 2024 23:07:53 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 4B61 1 KB
1 KB 20ms
19ms XHR
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:14:00 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 942785
etag: W/"6423ff5c-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 0TFxEo4_G9a_O6zWpL2uqgEiKe3AZmJ-ztcaMWLM6pD9MAoN-2Z5zg==
expires: Wed, 03 Apr 2024 05:14:00 GMT

GET
H2

200

B29461065.360610284;dc_pre=CNqXioX0qv4CFUW2swod7cMBlQ;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_c... Show response
ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/ Frame 4B61
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNqXioX0qv4CFUW2swod7cMBlQ;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rd...

19 KB
13 KB

67ms
65ms

Script
text/javascript

142.251.167.149

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNqXioX0qv4CFUW2swod7cMBlQ;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Server

142.251.167.149 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8edea5a8a7606d1d58b0b448d8ce414a4c4a8da6f87e9fdaa81484f7c12ddf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_pre=CNqXioX0qv4CFUW2swod7cMBlQ;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 242C 0
0 82ms
40ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=2488601604662369&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame A352 0
194 B 207ms
206ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO&mp=9ab262ee-4ce5-4a79-b8de-e72fefcf7d96

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net/ Frame A352 0
79 B 705ms
205ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net/pixel?bd=9ab262ee-4ce5-4a79-b8de-e72fefcf7d96&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E9A 0
0 49ms
40ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304100101&jk=4160504276391415&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A6DA 36 KB
14 KB 23ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:31:32 GMT

GET
H2 200 970x250_150k.html Show response
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/ Frame 03FC 3 KB
2 KB 29ms
28ms Document
text/html 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 80860039f446459e6f34654d02cbf2e08a038f5ebea6ee6bda37a2730ea2c415

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1316
cache-control: max-age=1500
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Apr 2023 02:45:09 GMT
etag: W/"63f62852-d29"
expires: Sat, 15 Apr 2023 03:10:09 GMT
last-modified: Wed, 22 Feb 2023 14:36:02 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
x-amz-cf-id: IWNyDBDGJ2PUHQRuQxVmcr4563xtNHqeWkjifI3tC3-KftPKENv0eg==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D6C9 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:31:32 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 03FC 236 KB
63 KB 103ms
33ms Script
text/javascript 2607:f8b0:4004:c06::95

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::95 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 03:07:05 GMT

GET
H2 200 970x250_150k.js Show response
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/ Frame 03FC 94 KB
30 KB 49ms
48ms Script
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3cf0a027279a8c477ae06724a704afdae7bf0c3ea4ecca10bee308be1b149789

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:33:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 1316
etag: W/"63f627a0-178f2"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=1500
x-amz-cf-id: NTdy8sdyOgjNdndlAemddR9bDLXQCeGwX7CzaHfmfwEMntTjRJgPoA==
expires: Sat, 15 Apr 2023 03:10:09 GMT

GET
H/1.1

200
OK

rubiconid.aspx
bw.scupio.com/adpinline/ Frame CF5D
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=LGHEDC9E-1I-IUGE
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=LGHEDC9E-1I-IUGE

0
621 B

203ms
202ms

Image
application/javascript

210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=LGHEDC9E-1I-IUGE
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-180.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sat, 15 Apr 2023 03:07:06 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/javascript
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=LGHEDC9E-1I-IUGE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Expires: 0

GET
H2 200 adimg.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 05B3 4 KB
2 KB 21ms
19ms XHR
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/adimg.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 23:07:53 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 619152
etag: W/"6423ff5c-1128"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: A8IjkgzuelO5x5NuV0z69radSNnrb--SVUZYkh5MPdJGIpbBoamqag==
expires: Sat, 06 Apr 2024 23:07:53 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/ Frame 05B3 1 KB
1 KB 21ms
20ms XHR
application/javascript 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/285f65df57e3167b1a38a0ee73a200fd93898a09/scripts/adbanner/build/CoverImage.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:14:00 GMT
content-encoding: gzip
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 09:05:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 942785
etag: W/"6423ff5c-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: -Q2DukWBMt7c4LTcKduNuuzeUanMVPGUXqN6ptqpow3EUQN9x-yYKg==
expires: Wed, 03 Apr 2024 05:14:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/chaseapacdcmdisplay693238567679/ Frame 4B61 0
283 B 298ms
62ms Script
application/x-javascript 23.193.121.161

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/chaseapacdcmdisplay693238567679/moatad.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
last-modified: Fri, 03 Mar 2023 12:49:47 GMT
server: AmazonS3
x-amz-request-id: 2XHKSX6FB8T6NK8A
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
content-type: application/x-javascript
cache-control: max-age=18644
accept-ranges: bytes
content-length: 0
x-amz-id-2: tGK+hTY30ZPfeq4OqKJl8bbHSBZwuT+JkgKXtpD9nJL5DzGW9cc8fqjta/5yUpv3pL979uu8sWI=

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B61 41 KB
15 KB 45ms
33ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N1579222.3596942BRIDEWELL/B29461065.360610284;dc_trk_aid=551410387;dc_trk_cid=187636275;ord=1681528025093348;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 17:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 17:27:42 GMT

GET
H2 200 ff26f32d-3e4e-464f-8bfc-f5f2adbff0a2.jpg
img.scupio.com/dsp/ad-image/798/f/ Frame 05B3 85 KB
85 KB 34ms
30ms Image
image/jpeg 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/798/f/ff26f32d-3e4e-464f-8bfc-f5f2adbff0a2.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: df9ccf06ec3dca085e5d3a6661a0cf8cb4ccf2cc886f2415ef4ebf60be9a628d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 12 Apr 2023 01:51:07 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 111
etag: "64360e8b-15329"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 86825
x-amz-cf-id: fkWGhUuy6k-p1cLyEqKdtyQe95zCjGYWOQhAVPn21sWZvzJu4ham3g==
expires: Sat, 15 Apr 2023 09:05:14 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B3CC 77 KB
25 KB 43ms
42ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

024e15d4b3131aaad2b4af84cd29aff20b9f53a931e76f5cfb3d8152e386845a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25617
x-xss-protection: 0
server: cafe
etag: 792 / 19462 / m202304110101 / config-hash: 11787412583201714567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 03:07:05 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CF5D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/JmmsEilDN4Cxj2lgzLYuPMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V6sN2dtE2oJcZ4BJUWLpzP_l29ftp7GZUU8M_A--~A

42 B
691 B

51ms
25ms

Image
image/gif

69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V6sN2dtE2oJcZ4BJUWLpzP_l29ftp7GZUU8M_A--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-V6sN2dtE2oJcZ4BJUWLpzP_l29ftp7GZUU8M_A--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CF5D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SgNG4d4eQ9i-MhTel20wow&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SgNG4d4eQ9i-MhTel20wow

43 B
479 B

43ms
43ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SgNG4d4eQ9i-MhTel20wow

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 03:07:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R4PA0FWHPDBADTG90PGC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SgNG4d4eQ9i-MhTel20wow
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF5D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdIRURDOUUtMUktSVVHRQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP3qDXaYEfNlEUf8LeXN9DA&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIRURDOUUtMUktSVVHRQ==&google_push=

170 B
188 B

40ms
39ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIRURDOUUtMUktSVVHRQ==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdIRURDOUUtMUktSVVHRQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CF5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJQZtTr-z15nAnwS0OSEqm0&google_cver=1

42 B
691 B

148ms
28ms

Image
image/gif

69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJQZtTr-z15nAnwS0OSEqm0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJQZtTr-z15nAnwS0OSEqm0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame C0BE 222 KB
60 KB 33ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C0BE 15 KB
5 KB 51ms
38ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C0BE 94 KB
28 KB 52ms
40ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C0BE 5 KB
2 KB 62ms
49ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame C0BE 40 KB
13 KB 62ms
51ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0BE 3 KB
3 KB 63ms
56ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54340
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:01:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0BE 344 B
368 B 63ms
56ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:23:59 GMT
x-content-type-options: nosniff
server: cafe
age: 34986
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 17:23:59 GMT

GET
DATA 200
OK truncated
/ Frame C0BE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d51d72a2290a7370b1fc4e4428422eb4098f64a8ab06a4c03f9f005f2253bf5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1784954868215229652
tpc.googlesyndication.com/simgad/ Frame C0BE 24 KB
24 KB 61ms
54ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1784954868215229652

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a891b3a84a972a5adadc493a1443ba559ced5e28b5ad34707b5f206fd2f9dfa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24799
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 19:49:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 03:07:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C0BE 0
0 61ms
54ms Image
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAr1moNsFfS1R3zjk7SG9TUErRoEezLTV7xzJ6X5HMjyUB0D5499IyZMOqjlGu9rDdxjdilMDk8IBgJ8cZybgJyOtbRA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C0BE 0
0 63ms
56ms Image
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGu-02BQ6ZMrkNJjpzwXmxrf4At-R7PdvtvHsrcwOjpfG0_4fEAEg0syBGmD96KKB8AOgAaaJ64wDyAED4AIAqAMByAMIqgTvAU_QWP4DMFbZU-1uhe9V16a7HqG0uyu9pPxtNwMw6P89pZPYcGdLebieFk_QE2_B8mzAhInEEuCnwCKr2qo2LP9do6B9dYqr0wFx_Ju_8_C_ycEAGo0BWeAR-B-R2gAYsigKve9ZPVSlBQKrypmJR1d9XZFsUBf017Jc0pxM1kiYjki4_cg-em9AGvWevRcdCT5TUUL-azFUFz1HMQ8_u9eHxnHkv6o0uXRU-QYHDoAslKel6ZK8biFLgEsIRSguH5_UjCtccFuMS6L59RvH2oexubY15Ysz4tnR1tgZM1M1ysn5LEdec2BALem10rV2wASj14WnrQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH-_PO4QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC6kAvSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=wpw2tkU9D3M&uach_m=[UACH]&cid=CAQSPABygQiDcjvnysSTyNYawB6yVxOTcFlCht5vkyzSAdRRDTmksDrqQmrzpzoks10NL8ILfF4dv78usJdIbRgB
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CF5D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TVlh7zpVSMmeu43Tfokxxg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TVlh7zpVSMmeu43Tfokxxg

43 B
479 B

100ms
100ms

Image
image/gif

52.94.223.37

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TVlh7zpVSMmeu43Tfokxxg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

HTTP/1.1

Server

52.94.223.37 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Apr 2023 03:07:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3T3YNS69ZFZCJ38ZSV5F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=TVlh7zpVSMmeu43Tfokxxg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CF5D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHEDC9E-1I-IUGE

0
516 B

153ms
108ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHEDC9E-1I-IUGE
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7DB6271EB60942C3B797E3DBC0EC057A Ref B: YMQ01EDGE0515 Ref C: 2023-04-15T03:07:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5V0CqixdzHC3O9hQ5Fg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGHEDC9E-1I-IUGE
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CF5D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e0155521-d663-465d-a8fc-68f85070a386&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

26ms
25ms

Image
image/gif

69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e0155521-d663-465d-a8fc-68f85070a386&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e0155521-d663-465d-a8fc-68f85070a386&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF5D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczN2E5ZmNlYWZhYWJjZTNhMmMzYWUxYTAxNTQ3NzJmYmI4MzBjZA

170 B
188 B

50ms
39ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczN2E5ZmNlYWZhYWJjZTNhMmMzYWUxYTAxNTQ3NzJmYmI4MzBjZA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzczN2E5ZmNlYWZhYWJjZTNhMmMzYWUxYTAxNTQ3NzJmYmI4MzBjZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 bg_1.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 03FC 40 KB
40 KB 96ms
80ms Image
image/jpeg 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/bg_1.jpg?1677047584623
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a0f0c84d066058cf2d62319dcc1f80f6f71bc7faab03ffc4b9cb8f36fc024b46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 02:45:09 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 1315
etag: "63f627dc-9efb"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 40699
x-amz-cf-id: 2sWJq13R0n1kwGsMa_A8XQhHArChOH_Vn61dSOHW9OlHhjx7ioar4A==
expires: Sat, 15 Apr 2023 08:45:09 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ Frame B3CC 400 KB
124 KB 64ms
52ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 03:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86249
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Apr 2024 03:09:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B3CC 530 B
290 B 66ms
55ms XHR
application/json 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 265
x-xss-protection: 0
expires: Sat, 15 Apr 2023 03:07:05 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 22D8 22 KB
8 KB 40ms
25ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 293775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 17:30:50 GMT
expires: Wed, 10 Apr 2024 17:30:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg_2jpg.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 03FC 34 KB
35 KB 32ms
32ms Image
image/jpeg 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/bg_2jpg.jpg?1677047584623
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cad8b167abd483998bc5688d0ad86b441889ecd5e6a26af4ef13dd754183524d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 1315
etag: "63f627de-899f"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 35231
x-amz-cf-id: jSPY5z__SHqV_vvxtMsiJBeZEF__30vKqqiwr1--LxX_ZfqzQ7tkBA==
expires: Sat, 15 Apr 2023 08:45:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D6C9 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UIEh1g
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C0BE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

36ms
35ms

Image
text/html

2607:f8b0:4006:81f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 2607:f8b0:4006:81f::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

date: Sat, 15 Apr 2023 03:07:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1784954868215229652
tpc.googlesyndication.com/simgad/ Frame C0BE 24 KB
24 KB 33ms
33ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1784954868215229652

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a891b3a84a972a5adadc493a1443ba559ced5e28b5ad34707b5f206fd2f9dfa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24799
x-xss-protection: 0
last-modified: Wed, 23 Dec 2020 19:49:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 03:07:05 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0BE 3 KB
3 KB 26ms
25ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54340
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:01:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C0BE 344 B
368 B 26ms
25ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:23:59 GMT
x-content-type-options: nosniff
server: cafe
age: 34986
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 17:23:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A6DA 0
10 B 27ms
26ms Image
text/plain 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G-C4Bg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ Frame B3CC 107 B
165 B 39ms
36ms Script
application/javascript 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B3CC 107 B
165 B 36ms
34ms Script
application/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B3CC 44 KB
10 KB 459ms
458ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2203537247135992&correlator=4385255111841810&eid=44752586&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13857&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2474970467&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3De15706d378fe3dda%3AT%3D1681528024%3AS%3DALNI_MYP5s-rAmaHFsapb0QHS2TK3j0X6A&gpic=UID%3D00000be2b6fd31d2%3AT%3D1681528024%3ART%3D1681528024%3AS%3DALNI_MaPr_u8lwTtRlkf7JXJR45gGA-hdQ&abxe=1&dt=1681528025971&lmt=1681528025&dlt=1681528025632&idt=318&adxs=270&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=u7ckp9aerusx&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&ref=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&top=https%3A%2F%2Freurl.cc%2FgvjOLp%3Fco%3Dmuj3e&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1916364193.1681528022&ga_sid=1681528026&ga_hid=1089270832&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6555491f41d86a583aae6e38394bfe911b4e774434a17a63df50d011270b392c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10721
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B3CC 15 KB
11 KB 50ms
49ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22fbbaf575b934bf1c67b8750c4322500fb7da06a68c59e1e5347b7a138d5346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11325
x-xss-protection: 0

GET
H2 200 container.html Show response
ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B54A 6 KB
3 KB 44ms
32ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:06 GMT
expires: Sun, 14 Apr 2024 03:07:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 girl.png
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 03FC 5 KB
5 KB 29ms
27ms Image
image/png 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/girl.png?1677047584623
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 2551865dd99b97818b4d039219dc5c2c356c9de2f9d37ab39f8a7e95abd4989a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 1316
etag: "63f627de-13c8"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=21600
accept-ranges: bytes
content-length: 5064
x-amz-cf-id: osjjC4hfXwLfMve-rekZF22lpeGzkaVumuPvbo4aCY05HSGQJ2qG0Q==
expires: Sat, 15 Apr 2023 08:45:10 GMT

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame 22D8 36 KB
14 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:28:39 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B3CC 17 KB
6 KB 42ms
41ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Apr 2023 03:07:06 GMT

GET
H2 200 kv.jpg
img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/ Frame 03FC 37 KB
37 KB 30ms
29ms Image
image/jpeg 52.85.61.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/images/kv.jpg?1677047584623
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-110.ewr53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 922bbc618accfdaf35e193bb5b3b0b2ff4aa9b2820eb39d8b86e2fae3782516b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/dsp/ad-image/1106/1/1fff5aa6-b914-47d6-ac51-9db28dceb60f/970x250_150k/970x250_150k.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 14:34:06 GMT
server: nginx/1.12.1
x-amz-cf-pop: EWR53-P1
age: 1316
etag: "63f627de-9242"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
content-length: 37442
x-amz-cf-id: IFBQQEEiOfJolW2jyYGUs-UtM6w0rJavJ3tVobSHHQyXy-EvI7Ci0w==
expires: Sat, 15 Apr 2023 08:45:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 884B 13 KB
5 KB 28ms
25ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 292973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 17:44:13 GMT
expires: Wed, 10 Apr 2024 17:44:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66CE 783 B
536 B 49ms
47ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c11d35a13e3b520231154fd6b15153e2cf1b57c432c7223939d78fcd8efec2ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4kzl65da6YxuMPF-q2pMWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-4kzl65da6YxuMPF-q2pMWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:06 GMT
expires: Sat, 15 Apr 2023 03:07:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 76ms
24ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 03:07:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 236724
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3175
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=gLKSOnxCTXptOXFzL1g2RkxHL3prOXgzRmtaa2lXanRxWUQ3MnVNQkxrNUl1aU5JZUNaR2ozTWsydzVXa1JWSDgwOTNEUjE5UDNmdkhwQ0VLdHc5UU4xRXBCU3pZeDRaMHdNWnIwS3l2ZEdqTWVCNXovMU9pdmRzZTY0bE...

482 B
575 B

25ms
24ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gLKSOnxCTXptOXFzL1g2RkxHL3prOXgzRmtaa2lXanRxWUQ3MnVNQkxrNUl1aU5JZUNaR2ozTWsydzVXa1JWSDgwOTNEUjE5UDNmdkhwQ0VLdHc5UU4xRXBCU3pZeDRaMHdNWnIwS3l2ZEdqTWVCNXovMU9pdmRzZTY0bE9hMng2SGxzU3c3STl1WkdLOEJoM3JpMnlGM01adWlVN2FzcTcwUWFsSUkzUlE1YkxsdjRRcndoM0J2ajlYVmRyeGwrRHNNM1l2UVZUQmxQN1o4KzV5cE9iV0FPdFFRQWN0cGcwa2h6Yk9UZkFERXNwemYyM2FrbHk0UmlVOGxQOUlBQXNqZUd2MEN2VHNjK2o1ZWFCYXdTaFNwTUxtTkN4bnJYQm9xR1hiTHkxSUUwZW8rND18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ba2c36be139c306c7eb602a1a16ba8d31f40cb0477393d1cdc04a6a56e113654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1056460
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=gLKSOnxCTXptOXFzL1g2RkxHL3prOXgzRmtaa2lXanRxWUQ3MnVNQkxrNUl1aU5JZUNaR2ozTWsydzVXa1JWSDgwOTNEUjE5UDNmdkhwQ0VLdHc5UU4xRXBCU3pZeDRaMHdNWnIwS3l2ZEdqTWVCNXovMU9pdmRzZTY0bE9hMng2SGxzU3c3STl1WkdLOEJoM3JpMnlGM01adWlVN2FzcTcwUWFsSUkzUlE1YkxsdjRRcndoM0J2ajlYVmRyeGwrRHNNM1l2UVZUQmxQN1o4KzV5cE9iV0FPdFFRQWN0cGcwa2h6Yk9UZkFERXNwemYyM2FrbHk0UmlVOGxQOUlBQXNqZUd2MEN2VHNjK2o1ZWFCYXdTaFNwTUxtTkN4bnJYQm9xR1hiTHkxSUUwZW8rND18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 514822
content-length: 0
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame 3175 0
13 B 47ms
46ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame 3175
Redirect Chain

https://sync.aralego.com/idSync
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NmY4MmY1OWUtMzk2Ny0zNDEzLWFiMTItNGY0ZTI5ZmVkODAy&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
656 B

83ms
38ms

Image
image/png

2606:4700:20::ac43:47fe

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 2606:4700:20::ac43:47fe -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4239
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn4IkxDGNkXHnB8Mf2dU2Rsz9ptZLAYF%2FXs6WfR6sOa4GUpQYIJ8zQDcKzUG36DFl522uoi2LCtXHCXyP1khgPY0J7HdGgY%2FVIncZZzeC5Y86ZCA3xtp714UMzfwSOmq1PxETVoceoZOFxxhSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7b80f9f53b88ca4f-YUL

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cdn.aralego.net/img/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 884B 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14077
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:31:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66CE 0
0 39ms
39ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=2203537247135992&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 72ms
24ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 03:07:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 498566
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 24ms
24ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 03:07:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 268993
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame A7E8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=2STdZXx5TE0xZDRGZnlDNlp0TzRBQXVBYjN6ZHJ3R1djTWdCOWhaaTloQ2lMbG5ycjRtL3FKcVlCU3d2M3ZMTWtPcWFWdTVlZDgwRXpZY2xJOFBKSUNlK0l5VFZTcm5tZVBMMGZjdnl4L25VeHhKejFycFp1eWZoQUlOOV...

482 B
591 B

25ms
24ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2STdZXx5TE0xZDRGZnlDNlp0TzRBQXVBYjN6ZHJ3R1djTWdCOWhaaTloQ2lMbG5ycjRtL3FKcVlCU3d2M3ZMTWtPcWFWdTVlZDgwRXpZY2xJOFBKSUNlK0l5VFZTcm5tZVBMMGZjdnl4L25VeHhKejFycFp1eWZoQUlOOVBrTlViSnNZNnhTcEwyclh0MWhNZDlCbklCTG9RVUh1RTJnb2xLN1YzZm1veGxLRm5jZUY2dXVDMTgzS2tjV3RtN29GUkZwUFB4cHlNNUZab2tVOGdieEY3cC9ZeUkxYlRiNUxUYVdGS3J3SWVLNG54NEZwZkJYNFRqcDFzRW1GM0I1eHo4ZUNzOEJHZWt6YlZJbWRIZTdmd2I2Nm1jNVQySFptNXE1dkx6SUxHVlNsRHNHdz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9d3338b7d13e01c3eb731563bcabf5e14803ca3c81c0b26c57e0d5c105da72e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1110811
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=2STdZXx5TE0xZDRGZnlDNlp0TzRBQXVBYjN6ZHJ3R1djTWdCOWhaaTloQ2lMbG5ycjRtL3FKcVlCU3d2M3ZMTWtPcWFWdTVlZDgwRXpZY2xJOFBKSUNlK0l5VFZTcm5tZVBMMGZjdnl4L25VeHhKejFycFp1eWZoQUlOOVBrTlViSnNZNnhTcEwyclh0MWhNZDlCbklCTG9RVUh1RTJnb2xLN1YzZm1veGxLRm5jZUY2dXVDMTgzS2tjV3RtN29GUkZwUFB4cHlNNUZab2tVOGdieEY3cC9ZeUkxYlRiNUxUYVdGS3J3SWVLNG54NEZwZkJYNFRqcDFzRW1GM0I1eHo4ZUNzOEJHZWt6YlZJbWRIZTdmd2I2Nm1jNVQySFptNXE1dkx6SUxHVlNsRHNHdz18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 679506
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22D8 0
20 B 42ms
41ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Boq3b2RQ6ZKncHc_LzwXHtLCoBwAAAAA4AeAEAg&bg=!QkGlQRXNAAZA7GLoYOw7ADkAdvg8Wt7EgJpTzelrUfnvW_lD0ghPKj64ZAkgtVa6aPm4YHJD0cAe-1GffiuWyvDKs2yDqifj36sCAAABElIAAAAEaAEHmQMPg0hVkU7OUAcF9tlfuHdlHmea2jKfxh-GzOve9_u-5NPISq-7URcCte3P8E4SVaqnp_Qx6V3sOrDp6zGvEaY8e7S-RJXTfEKUl9dqjRqZlIand-1k4kPr64u27UDlzj334lZdvIm2iPr4yf7dq9itlovcD5ZlNy69SzC7TbiRA0LMssDqlnHZg4Ij7lSnAqZkCnRuotnCI07DUMi1I8HD6eqGrBHi5vfzaprT_s0_12fB5QtgolHlUFAKn_ub7gh_JC1HaykcVsfP8yscDnw--_AoTx1VQtMVNJGMyCljM2gau1n5xjMYfhtyU-78rMvm4CJk5b_FNpF7OmKlZmo-lbTsP1Keq9PPUiY21chA19UhjdEAQcpaUaR7tFERQ__deXzpfWEer7CRatl17vWHqF8zHebC50o1wMUbMelpHfJP-btp6hHtDUx-MTbR9g_jc21-n4oIzDB2t2J4oFF-Hs1qTc6GNlWSM_9t5I8g9eJ5cWyHuYR-UsE1Maa7zxvYNC1SFWv1qubCaDNP6N5eARq-oezwa0s93kbgiJdd-udjRtQERKcNstkvNbdwq3-HrtI17CyFXuKqN_NwRpYg9gBtpREPcw0buIj73ZFk_X_OEFMqahsoElBXly2VM-o2O7qAOZ9qTSrCGr_cDJe1Q73tVIDTYCaQ2_LKWgTajtaax1UVuVe5nVmz5Hl9D6y7g_BFIInx8RecyeuJvwaF7eOTUSYQ-_s7CZOCBHV0gK6nnEr1SoO6Z0AqpEUoyWeVClY_Fh-2mYsw5TxWbgIRYhgL9b8TN7ytHeGU1UPi4IsIoZ8-nIkBSNQmBlyv_qYN_dwKmvJdhvLydDVB4c6MsiuIrdMB549Sr3UmWlySwDp2lYQV3M7F2K8uSo6DQPudwKC6r3_Upeztn3bCD9UDjQRAE_9vbN9ktiJgMyIeMuoDi8IOiBh7_NLv3fgsZgbcwUZLVrGS73srVouq6UbdNjhedDiBur2qtDMjEPMCRtkcMGPRh726YilBPmE68_i1LLD8ov1jvEzeW8Q242oG

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame A7E8
Redirect Chain

https://sync.aralego.com/idSync
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NmY4MmY1OWUtMzk2Ny0zNDEzLWFiMTItNGY0ZTI5ZmVkODAy&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
352 B

32ms
31ms

Image
image/png

2606:4700:20::ac43:47fe

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H2
Server: 2606:4700:20::ac43:47fe -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4239
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FIGayzn62hnFKSwkpIRl3MJGrvbVINvW14rq55whuTsupWlzhJm9owbKKA8J7wYcrKw9EAPM0Q8pJQWPERne0keUCggJCCIqDKfRM8bxu8ch5IUh9u024al7ehjddmWjdTzSRcCx0VA0P2qzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7b80f9f64da3ca4f-YUL

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cdn.aralego.net/img/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame A7E8 0
13 B 45ms
44ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame BB9E 222 KB
60 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BB9E 15 KB
5 KB 43ms
41ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BB9E 94 KB
28 KB 44ms
42ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BB9E 5 KB
2 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BB9E 40 KB
13 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Apr 2023 22:20:01 GMT
age: 103625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 12 Apr 2024 22:20:01 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB9E 3 KB
3 KB 29ms
27ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54341
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:01:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB9E 344 B
368 B 29ms
28ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:23:59 GMT
x-content-type-options: nosniff
server: cafe
age: 34987
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 17:23:59 GMT

GET
DATA 200
OK truncated
/ Frame BB9E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c4f432a30a63a2ec84b3840d9f21b762219a3c61dd568fe6e08ceff14470c06

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 10659570651333142169
tpc.googlesyndication.com/simgad/ Frame BB9E 39 KB
39 KB 33ms
32ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10659570651333142169

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd27d79bb09370a12eff96c3313c993403f569fed18387634f8d24d2b070d522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 00:04:20 GMT
x-content-type-options: nosniff
age: 10966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39646
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:21:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 00:04:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BB9E 0
0 49ms
48ms Image
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTp2nP_nquNaWxIpiONs9LHY_Ax4j21cjUWl2xqzrj2Fr7czh1AwybSpyWKAf-G7l8upvHrsP-rwnO5hHkw5hU22RkSjw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BB9E 0
0 52ms
51ms Image
text/html 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNt-S2hQ6ZKLOAdXLzwXi2ZDIB7-XmYlwncaKnZcRr-rk8cgBEAEg0syBGmD96KKB8AOgAaHAmPEoyAED4AIAqAMByAMIqgTyAU_QB4HmkXSAVmrZ_z-xhLGXcSbVMZyy_jxyl6TZlyys8q6TG6s4_oOAet1Bm_Oqvyi-vIO96FvxADnvj6pkWicuFS0o6CJu7n-xpR3wB_AwJu2b_Mfri1va7n_xUf9QlmlU_F_68-SpSGAgW7sOB8JAwShsg_EvVAPqkPTJxYh7WjENhz33KXRkd0-4QeMN_ZmB9w2BK0g4YWMCb4JcBlNHNlzyA2exd0z7gnZoBWvatXS8kK_o1uXEuKs9Pp2UBtEUgt8LJUVArZ1-F9kmsA_YVCtHsGlCahnWCxyFmaOGgk2vf8TNdDlXkhDdeVXlVzZ5wASirdGzrQTgBAGSBQQIBBgBkgUECAUYBKAGA4AH3-e4ngSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_qAzSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=Nk_eGjDISl4&uach_m=[UACH]&cid=CAQSPABygQiDg5EPhhzckJQ4OqWfrw7NoinQ2b3Glj5yPBypKda9a1VJ5nMLyprCrTSNyYZDNpNpOF7Yqo8CTxgB
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 25ms
25ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 15 Apr 2023 03:07:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 594894
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E98B 42 B
64 B 49ms
48ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujX1XwhzSxIn9ql6ZYX8S8y6QOxL8uWOKPDuHMD-hwVRu6M7JD-NIconvP4nfaNLqUwlLstTM8pyIxO8Lyv6FreJkOR6LXOZQFB3lxt0jZ0V1dMrhQKi80787ptZ_VCXdWtOgLJc9sTBGChljjheV17XZSaeNqJg&sai=AMfl-YS3uTgUs_VJ-SlBQwkFbcM3E1pCHyfCjLX6JiUmluDHU9mjE9PAPeKIk1CK1_nzGYtaQ63Sj563Awc_urvb9IDf85BWYILmykDbJTRMEMyhEkYG0Ni_wwtVdV1x&sig=Cg0ArKJSzFHBqwUg3KfhEAE&cid=CAQSPABygQiD6N-aBzfhlz6lK7wpACg2QnGls1qgR7WXygwy8hrh_Hh2ng7HQth22g2FQtguQvFyYNoeWeCiVRgB&id=ampim&o=640,364&d=320,100&ss=1600,1200&bs=1600,1200&mcvt=1032&mtos=0,0,1032,1032,1032&tos=0,0,1032,0,0&tfs=563&tls=1595&g=100&h=100&tt=1595&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 884B 0
10 B 25ms
24ms Image
text/plain 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WTnpyA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 03:07:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 10659570651333142169
tpc.googlesyndication.com/simgad/ Frame BB9E 39 KB
39 KB 25ms
25ms Image
image/gif 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10659570651333142169

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd27d79bb09370a12eff96c3313c993403f569fed18387634f8d24d2b070d522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 00:04:20 GMT
x-content-type-options: nosniff
age: 10966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39646
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:21:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Apr 2024 00:04:20 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB9E 3 KB
3 KB 33ms
33ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:01:25 GMT
x-content-type-options: nosniff
server: cafe
age: 54341
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 15 Apr 2023 12:01:25 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BB9E 344 B
368 B 33ms
33ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:23:59 GMT
x-content-type-options: nosniff
server: cafe
age: 34987
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 15 Apr 2023 17:23:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEFD 0
0 42ms
42ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304100101&jk=4160504276391415&bg=!_P-l_6vNAAZA7GLoYOw7ADkAdvg8Wh8QNNJWA2pcwCK4dEkkLP1CzS-M6iuV8_Tg93hGuVQU1Qngqkxi06ytc26NP19rfu98Js0CAAAB_FIAAAAEaAEHmQMk-p-VvjELX7NBsRiz-7mp3rsti0R4QWJCO1Ow6WyqZaMxmBxDLRvAS0FGKUoF7-iIbNLSQykXl4oq17sh-iwYyIzY1w7Z3Lu961NjhQR1Gj6ewILCC3V3SRSFuVF61GamvvhtJkrhaDarPoxy9Of0HtBsrkrHHtPlY4HaXyzUpnyEw-s0qlLgMNYPDYvbeIXEliURdu6kO4_8vIoLCvLQg4eT8yLYeNtg75okjJhPhRx8u6xIpVUr-QZ1SpUt2yNyz8pGlHHrjVjKbT0gT1MQfiKLGTZA-3Qj3hP1iAiBEAgluOq1QKNxft6gKedFIpkWBorOQfonFgoVVX2BKjqNkCXAhFs7fc7xYxM6REuYuopQl4AJRVHv9bs--HqorAE3eKtQldk_f1lL-NOop1hvB8jBzKC2ZfJgQ7GMnX0cQuVseGLVLHiJEN7wpgDMqY6wFuunvqrfNw_pwCC93gXazBRuxEl1Hy_tnxBgNigu6I39W5cIIfv8dZgukkfPUgzPC_Oei7mFKXWjQ-LO95mDpMUQmKloSw7R3p8RyxAenjCpVKrSdsZVUakWHCRAJTJYVKqKPcsr2tG74xB7lD_yEAhHl64R1eLuJsZkeYCi79zmVqNAfeEucjv4I4X3PrPBjoE2RWyG0cP4999mkCfi5kFSpoz-CGCew6H-_hZuArhuIE-cGolUCLmOSrQp6RTe_dWlhO93kmwvuz6HgIrK8S9OsEL9Kcu75iTlhx4o3PgY89PKl_Jz28JQI2ZUvQxM9UVzuszRzMQtus2KgSL8ohW8VCVy0HF_KF5hfInRItv3DAR64kQ97zSdtoZr1-bAiTtW7U5IUa2QSK-7fzvqiLzftd7_3h92wX2Sqvvj43fkBJgiVfdcsiEDMJkF8yRyipX7gS6xQXrzyS_mZXpMm-fhv_pGrlEZwGm5Fy8S3a2AsqzarYRMfq1sRCsrcYZr3u9mRCZWzb47FOs0j3abS2QBv9l-EWRIoRAbMuE9pcqQFEG19Y5v3GgD0MT1E7LKtlXhSu79cwlr1eyMfJWiBUGXUbRx5O3waPtMovxKFHrj_kr_
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C9C 0
0 43ms
42ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304110101&jk=2488601604662369&bg=!gYKlgtbNAAZA7GLoYOw7ADkAdvg8Wtoy_SoWkFyiFjGGOFH-tek2t7JqNos8zqYth_VLqQ8zg-1psk4ZgxdcGD0-aFJ91hvlVRsCAAACLFIAAAACaAEHCgBQo-ooo1zITMSRl5HYK6-G8MhYNogF01FgduDcFC9198bZ15_OnD-R5_AttQR3Twp8SQnIMd5x8iDDLmHSTM-vdYcTHc6lMzKQ4VZ5-EQ-WpyZAvqB74rF3vv4_WeVlFPE1HJxSRO-JuzTL8_AfAPFApwY7x6X60u_YIKVv0axIlaK9JMM5zue1idYm-Taq69OwGqnhOUNHn76fxC8FmgibMOWfhov-A7RU2PrHKWb9QLoUtEd_FjFumc_4_j0h5lX8FWi3HoN28BNmxB5_UAa13UllTiZzOod5WTDHNS-CgVhnF1dis6uzVkCqRK0dEEjqE3yD2e8F4TrHmffunKRpWZz51mvXCemyb1tJwqqJ3rz_N5Pyb4ioZLfxBQYKIo80PkuebNmyQgZgQWrlla0d6v6oe0v564UAr3nexcp_igkfTr7C_O5XECIbkGSAavYjAsV2U2WG-wxce5Z1kbBaXYWxQaqQTSCTE7aWLuXzqf29JWTU7MZM6qpWW978NoI4qX9VyKVF8lEHBfhsEm_lOTHFzCZLfxYEhcUvB1KBl4IpFrK1gj08rSnwIzus1IZhWZgA2qAB0RQBz-8YjvnKQCOE7QOjrhZJ1HdarZnZw5XDUX-P8rERmvtUraS0zjPJjlMX38h9cDt0S68oCj-0_VLxRENeMuX_dhoLNCnZGuutpV7ijH5722bQs1FSxV6PYprVw5YC1nhFiZYiB-QjzIl9-DA_1K6p5HJq8Q_CXwGeO6LkOAu9EnqQrgwvkJOwuogFu5HJyi1LEHg2jC29V4wqsKyCiESb4Z2W4anf9-PaqoySM6NMcgjYXd_iPZTM3Vv0d82BLWVQmUPIhQV5w2Tx6v5nGMh8J4zJsAq3h32vQx13gCB9fmZ-Elu58_TojBVI_TjaAkDIG5p68IqCu2RtE2tjux2qQ0xkelTzLvBvzWHL7h6YQPnq7h2jh_PiIR2J43HvwWMmCBKpGiSqWKBbBAk04RagML962E1UA_YqtbyiYsO3m3pY0Fx9d1ILIVLNeSLtheK5F8Pa_qJ4Y72lCMQPdPbBLGs0xGh-zberWF8_MJNsI1wPlCDOjV3kIrkuunVN2vF-IJQIp3-K53fZmo6GYQnvWj8sGA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C0BE 42 B
64 B 49ms
48ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNiblmSTCe0NZMgvF06z5Ho9JmSz0mWerq3p9bSSzO_KdO7BYLm40U3y77Z5k6FRYgUdG9mTVkRPjkcZafTl7dIJ4nWbr127fksYFneFTjBydnPwjFChVF4OA8ZYbtzolh2Bw&sai=AMfl-YTSZvpaBlGzqDG8dE7GrI1cmtR3XI5cxiuBYVO63Z9Lq1ufRIO__cEigmgR_dEvIj77mWfKmUAyO358aCoIx0q0X-sO7nAKItDrPLe4Q49Sl9HRuBilPF2f07AG&sig=Cg0ArKJSzLUW_U42g4s4EAE&cid=CAQSPABygQiDcjvnysSTyNYawB6yVxOTcFlCht5vkyzSAdRRDTmksDrqQmrzpzoks10NL8ILfF4dv78usJdIbRgB&id=ampim&o=315,567&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=438&tls=1438&g=100&h=100&tt=1438&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3CC 0
0 43ms
42ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304110101&jk=2203537247135992&bg=!KimlKX3NAAZA7GLoYOw7ADkAdvg8Wpzo9uK4ARkk7xcrmJLtGygIemGWQ9u9e5oFISfonhA2yI7udMtL6A4fyexnm12m1ZplW_ACAAAA-VIAAAAIaAEHmQMst5Z4hK1WKrVKffUWyHVKeqdrad0sqSKO8LOzM4KKUE1BKtJnR5vYWGZf5wJxxv8vv8feMIGaANHnC41biZEMsGMNQhCotfLOdvWfVm3Kp-28IYZQu2xv36MWGmvTqzfuYQuG5W3qcQak2T4Ju7AWJ0DxP9aOvsk0vLYsmKn2l9m_6vApqeoMCzQTS-7EEgjs1cPGfCv8pAFfV5EQy-EYjHxjVhkQARflriTeTeOjonWpUDQOljDpujFP6Lx4w8Au2mt8nEuLhZwFT_iUWoN8Vcs3Sut7WTtCuBJc4nQd03fh4i556_PD3rLr_071RIz65TZOIkszqz6Kgn8XAwhaRnBrz9g3b7Z80HIMqm2iKygjsHEA7LWu5Dggs1QGy1o5ZCSdUAfr5CL07IS9bzfL-jIhWnaGIbwOsPyeWe-QjlN9qtFi9p69E1M7RSyVqczYWm3fKCDOazM_KD8nRXNbMyCqQgcuV2c9xuilLt6aqN3UaAWXkt8VdDFMqxsgrzTqAyNcQwan94ny1ux9BgVDUUumHaucGQPsOesjNN5MQu7WdUXxBmlGmxZv3z6ueBGtxaj0zdVelZdAiIPF9zETgmuWhk6PLeRvTP7keFsO7PgR6_AqwDNe_vKqQt2aUGDXyIExVUqadGeTyEiOxmxJZ0pFX8RR4Lf68pRj5LkfYV4fvHxTKTFJyKZwLCt_7cC7MrTygoCpdXOaH2CjwisJryWaV2gCWdvBRvW7Lcdt-bYJwt-61i78tt4-n-j442qTwVzq2Dml03aS6zUwRfVuHS2eMdXuTvxTorYTtGIMPVgrZt-H0mSMqCpJbdHf6CEqbjtunAPvy7c1pnQ89PNm5eu6VrjKfJEccvjdkavj8-ZGihMg7dYLB3MEs6enXrwgwqIiaDHFo-V5qUL20fKVW477FPZHNv_TRCqDmaxDlIkeGwKRgrpuv56SwEv8dff04oEpa85aNYsREU-b_isBDo3SpMJTUNZMgmlXetU4ESDkRUS86472888Hro3YdSUW1SHvvQGwXyAAUDTfFSccsq7ITAcT3L6mlBC4Zg6hwwi8SQJZtPnn6zhBf5M
Requested by: Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BB9E 42 B
64 B 48ms
47ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswYAdnq5-e77Em_Rf3StxFZWJs4oCj94feguT2m-1_3vKavBM390vSxLkaerKGo8sPEM0RK6M0_oLns6JZljyFEE3C4mCrnT5AzYP6NSOzIW8X4aF3wFZSzcIb-7djOKqvIro&sai=AMfl-YQkP7fsH2ZF3LdF_tyNckaKw1s5QmE9Mz88sjnv9S4WMmZ1dzrgpHUczowJg-JvfyCbs6-efFMt_hnwRjoqWJ_oACOsDhMdOk4JQMEc2pPKnf1SxKKNr--Bk70K&sig=Cg0ArKJSzKanmstCkuwhEAE&cid=CAQSPABygQiDg5EPhhzckJQ4OqWfrw7NoinQ2b3Glj5yPBypKda9a1VJ5nMLyprCrTSNyYZDNpNpOF7Yqo8CTxgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=189&tls=1189&g=100&h=100&tt=1189&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gvjOLp?co=muj3e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 75AB 15 KB
6 KB 29ms
28ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 1882897
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 75AB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=9dfnt3wyanBmenhvQy92NjROcWR2NUhNQ2NSZTJ3UEZQdlEwRWNBWDNDSHdCbG5Ucy9HQXp0c0pUaEwrTG5XMW5WOThPZUVTOWtUVFY3QUJmNVJyVDA5R2t0VGQ0NXJQQUNwYTZHNGRMQ1IvSTBpOFN1TkVob0hWNGloRC...

431 B
649 B

25ms
24ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9dfnt3wyanBmenhvQy92NjROcWR2NUhNQ2NSZTJ3UEZQdlEwRWNBWDNDSHdCbG5Ucy9HQXp0c0pUaEwrTG5XMW5WOThPZUVTOWtUVFY3QUJmNVJyVDA5R2t0VGQ0NXJQQUNwYTZHNGRMQ1IvSTBpOFN1TkVob0hWNGloRC84MjhhOUQvbUEyd0YyVTBPUUN6ajdOSDExN2RRalUvV0xFU3R5ZTdpZFJEeTZ1THU0Q1VCdC9nYnRxdlNSaVFqcDk3TFlsRWRhejVQdWNaZmNiZHRlbFVUS3dTb3RrS1IxOWJSV2FpN2pyZEV6cDVzMzVHSmRaUnZUTVRydUlUdXR5MVBLTG9tL3g1ckNnWE12ZmxlaUE0bll2akdIdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d933555cfe15a931251b5c91226bbf52505d9b3d503ca6d9aff7a02042d63972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1145073
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=9dfnt3wyanBmenhvQy92NjROcWR2NUhNQ2NSZTJ3UEZQdlEwRWNBWDNDSHdCbG5Ucy9HQXp0c0pUaEwrTG5XMW5WOThPZUVTOWtUVFY3QUJmNVJyVDA5R2t0VGQ0NXJQQUNwYTZHNGRMQ1IvSTBpOFN1TkVob0hWNGloRC84MjhhOUQvbUEyd0YyVTBPUUN6ajdOSDExN2RRalUvV0xFU3R5ZTdpZFJEeTZ1THU0Q1VCdC9nYnRxdlNSaVFqcDk3TFlsRWRhejVQdWNaZmNiZHRlbFVUS3dTb3RrS1IxOWJSV2FpN2pyZEV6cDVzMzVHSmRaUnZUTVRydUlUdXR5MVBLTG9tL3g1ckNnWE12ZmxlaUE0bll2akdIdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 335960
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8AEE 15 KB
6 KB 30ms
29ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 2061685
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 028E 15 KB
6 KB 29ms
29ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Apr 2023 03:07:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 1874591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid
mug.criteo.com/ Frame 8AEE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=GwDuzF9HSDZuUkZkSkdPYnpRMDZaWjU0M1FLTEJXd0NFZzlsJTJCaFpqQkJ0UkFLQXclMkJmOWJKSm15cm...
https://mug.criteo.com/sid?cpp=LJPLuXxwNGdhK250TWpzM3oxelF3ZzhmekVkTUVGVmxtTUpPUGx2cTRCU3g5b25WVDBOVDMvOHlLU1UxWlNYYWFlcUhCdUVaV1JjT0p1NTdNQnEvdHUyeWhYOWpkYmhUZWRxK3NkUnR1NkhzR1g0UnZoOEp6ZldTaWdGZj...

428 B
653 B

27ms
25ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LJPLuXxwNGdhK250TWpzM3oxelF3ZzhmekVkTUVGVmxtTUpPUGx2cTRCU3g5b25WVDBOVDMvOHlLU1UxWlNYYWFlcUhCdUVaV1JjT0p1NTdNQnEvdHUyeWhYOWpkYmhUZWRxK3NkUnR1NkhzR1g0UnZoOEp6ZldTaWdGZjdLRmlJZGR5Uno5RHExcm9HU3lvbGlNdUZEaGpnSmJmTHYyZmIvcks0NWFXTm40dWYyYkRsWXRwMVpzVG1xZit1YkptYmlmSXlSRVQyM1V0RTRiRTU4bklabGYxeDBrdkFuYTF1aTVKMHFlL3B2d2I3eW9zSFlJSEtQT0RqbTJORDloVFozeDVOK1YxR1BxMDd0V2dWbC9ZcTkrb2xkQT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1000321
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 15 Apr 2023 03:07:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=LJPLuXxwNGdhK250TWpzM3oxelF3ZzhmekVkTUVGVmxtTUpPUGx2cTRCU3g5b25WVDBOVDMvOHlLU1UxWlNYYWFlcUhCdUVaV1JjT0p1NTdNQnEvdHUyeWhYOWpkYmhUZWRxK3NkUnR1NkhzR1g0UnZoOEp6ZldTaWdGZjdLRmlJZGR5Uno5RHExcm9HU3lvbGlNdUZEaGpnSmJmTHYyZmIvcks0NWFXTm40dWYyYkRsWXRwMVpzVG1xZit1YkptYmlmSXlSRVQyM1V0RTRiRTU4bklabGYxeDBrdkFuYTF1aTVKMHFlL3B2d2I3eW9zSFlJSEtQT0RqbTJORDloVFozeDVOK1YxR1BxMDd0V2dWbC9ZcTkrb2xkQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 354438
content-length: 0
expires: 0

GET

sid
mug.criteo.com/ Frame 028E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=GwDuzF9HSDZuUkZkSkdPYnpRMDZaWjU0M1FLTEJXd0NFZzlsJTJCaFpqQkJ0UkFLQXclMkJmOWJKSm15cm...
https://mug.criteo.com/sid?cpp=9wsaM3xKVWVCL3dmak52Snk2ZHllM1A0T3k4dlBORmVLVC8rck1mVWYyZ0JkS0pCbVVFNkRsYWZwMFlveVBsWGNRbzFQcWtjeGF4WE5PWkRIVW9NRGpQZ2sxMkJXUVl1ejhhOGNFcURrZ1Zob0xwcmZ0VGt4Y1dsRlhaeU...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007319763&__s=%3A%3A661zn3&__hsi=7222107859003635853&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7222107859003635853&__req=4&__rev=1007319763&__s=%3A%3A661zn3&__sp=1&__user=0&dpr=1&jazoest=21864&lsd=B9rtZ-jj7CqPaUFYPp9wBJ

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5Zx61vw4iwBgK7o1yEfo2IzU2Xwdq1iwmE2ewnE2Lx-0iS1Axy0gq0Lo4K2e1FwbO0NE&__hs=19462.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7222107859003635853&__req=5&__rev=1007319763&__s=%3A%3A661zn3&__sp=1&__user=0&dpr=1&jazoest=21864&lsd=B9rtZ-jj7CqPaUFYPp9wBJ

Domain: d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com
URL: https://d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=9wsaM3xKVWVCL3dmak52Snk2ZHllM1A0T3k4dlBORmVLVC8rck1mVWYyZ0JkS0pCbVVFNkRsYWZwMFlveVBsWGNRbzFQcWtjeGF4WE5PWkRIVW9NRGpQZ2sxMkJXUVl1ejhhOGNFcURrZ1Zob0xwcmZ0VGt4Y1dsRlhaeUtWdEtsUUdlQ2ZBUUliR1hoNTg2bmVNSXpEWkFLYW9XN2c5ekk2ZDJVK0tYTHA5ZmxjMi9ycVpmT1Q2NCtCUlRhMmNTU2QySS9WT0Y5VGh1NERKbFVubzZ1NU1HZldTMnJmNzc4MCtuZWdTeHgzWVhWUmRGdTR1SlRuNzhOWjdMQVZ1T2c0Qm5JMy85MFRlb21mYXZIUE05RzlOOWZjZz09fA&cppv=2

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 11:06:54	Name: _gid Value: GA1.2.1570841255.1681528022
.reurl.cc/	1970-01-20 11:05:28	Name: _gat Value: 1
.reurl.cc/	1970-01-20 20:41:28	Name: _ga_N394QBRGC0 Value: GS1.1.1681528021.1.0.1681528021.0.0.0
.reurl.cc/	1970-01-20 20:41:28	Name: _ga Value: GA1.1.1916364193.1681528022
.prnasia.com/	1970-01-20 11:05:29	Name: __cf_bm Value: t4fXE6keGKzff2vmqVMmauh5aCfPWgQqH9GqwMWMS2M-1681528022-0-AdwVOjdHHDXAAjTgvp6UWBxm3fntO9aWERe2a2gkWSHRQQLGHs4hPACqSl1Vzgrw2OHFNwsY/UgQHd7IKrs+95w=
.reurl.cc/	1970-01-20 13:15:04	Name: _fbp Value: fb.1.1681528022066.1471806994
reurl.cc/	1970-01-20 11:48:40	Name: CFFPCKUUID Value: 5431-i701ZadLDNp5A5TeiDSydTikvgpfjrU5
.reurl.cc/	1970-01-20 11:48:40	Name: CFFPCKUUIDMAIN Value: 3556-3L8fTBs8f3JPmjVfKePwFCvQSoyI6GZT
.reurl.cc/	1970-01-20 11:48:40	Name: FPUUID Value: 3556-ea26c5ea6856fdb93f62f576d5e2e58973424438c3001376f0c1047147cc0cdf
.holmesmind.com/	1970-01-20 20:41:28	Name: P Value: 922415-4x4kZzCwGyYZU82MyJz3EYJGdIAnJxAO
.holmesmind.com/	1970-01-20 11:26:35	Name: Vision Value: 20230415-23:59,20230415-14,20230415-14,20230415-23:59
.holmesmind.com/	1970-01-20 11:26:35	Name: C Value: null
.holmesmind.com/	1970-01-20 13:30:25	Name: RK Value: null
.reurl.cc/	1970-01-20 11:05:31	Name: _ht_em Value: 1
.hinet.net/	1970-01-20 20:41:28	Name: uuid Value: 9ab262ee-4ce5-4a79-b8de-e72fefcf7d96
.reurl.cc/	1970-01-20 11:06:54	Name: _ht_a546ca Value: 1
.reurl.cc/	1970-01-20 11:06:54	Name: _ht_50ef57 Value: 1
.c.appier.net/	1970-01-20 19:52:30	Name: _auid Value: R3rJXEsBBQemhJ4T1xQ6ZA
.holmesmind.com/	1970-01-20 11:06:54	Name: fcm Value: 1
.criteo.com/	1970-01-20 20:27:04	Name: uid Value: d6d0ece5-ce98-4682-9b07-f2cce712da72
.scupio.com/	1970-01-20 11:15:32	Name: fxc Value: 1
.doubleclick.net/	1970-01-20 20:41:28	Name: IDE Value: AHWqTUnhDuUwfWPFg1xdp3IPKsX11jvv7147CQIsf_vpPQKFd1sApDpYy-jbHSFG6cU
.scupio.com/	1970-01-20 19:52:30	Name: gx Value: H4sIAFiFOmQA%2fxNmYGDg4uZomf%2fh1oRb96wFWIVYOOwFmAB5qCb4FwAAAA%3d%3d
.scupio.com/	1970-01-20 19:52:30	Name: OrgKeyValue Value: CLA20230415110704933630
.scupio.com/	1970-01-20 11:15:32	Name: gxc Value: 1
.aralego.com/	1970-01-20 19:51:04	Name: sspid Value: 6f82f59e-3967-3413-ab12-4f4e29fed802
.reurl.cc/	1970-01-20 11:06:54	Name: _ht_hi Value: 1
.scupio.com/	1970-01-20 11:15:32	Name: uxc Value: 1
.holmesmind.com/	1970-01-20 11:26:35	Name: R Value: null
.holmesmind.com/	1970-01-20 13:30:25	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 20:41:28	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 19:51:04	Name: __htid Value: 9ab262ee-4ce5-4a79-b8de-e72fefcf7d96
.doubleclick.net/	1970-01-20 11:05:31	Name: DSID Value: NO_DATA
.rubiconproject.com/	1970-01-20 19:51:04	Name: khaos Value: LGHEDC9E-1I-IUGE
.reurl.cc/	1970-01-20 20:27:04	Name: __gads Value: ID=e15706d378fe3dda:T=1681528024:S=ALNI_MYP5s-rAmaHFsapb0QHS2TK3j0X6A
.reurl.cc/	1970-01-20 20:27:04	Name: __gpi Value: UID=00000be2b6fd31d2:T=1681528024:RT=1681528024:S=ALNI_MaPr_u8lwTtRlkf7JXJR45gGA-hdQ
.yahoo.com/	1970-01-20 19:51:25	Name: A3 Value: d=AQABBNkUOmQCEMtRjBX0vqHG-r1DHh_pkXcFEgEBAQFmO2RDZAAAAAAA_eMAAA&S=AQAAAgfIegpAOo2wLbFMIl4FQOs
.amazon-adsystem.com/	1970-01-20 20:41:28	Name: ad-privacy Value: 0
.adsrvr.org/	1970-01-20 19:52:30	Name: TDID Value: e0155521-d663-465d-a8fc-68f85070a386
.linkedin.com/	1970-01-20 19:51:04	Name: bcookie Value: "v=2&ef8685e9-df2a-47f9-8b69-87b32ae33c3d"
.linkedin.com/	1970-01-20 11:06:54	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2915:u=1:x=1:i=1681528025:t=1681614425:v=2:sig=AQHC0vDiBSV_-r7r9ztA1IQQpsQNPNXv"
.adsrvr.org/	1970-01-20 19:52:30	Name: TDCPM Value: CAEYBSABKAIyCwiux-yXp9reOxAFOAE.
.amazon-adsystem.com/	1970-01-20 17:21:18	Name: ad-id Value: A-G9zIsGc0Q1olI_PCrg-bA
.rubiconproject.com/	1970-01-20 19:51:04	Name: audit Value: 1\|a+e+S8h+tk+rqF6AQRx4nxXtkk0FmelvpQnmfXl+gPceECEUBMhein9EoE4XFoKSWwKeGrzpTMPqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ab262ee-4ce5-4a79-b8de-e72fefcf7d96.t.ssp.hinet.net
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.ca
adservice.google.com
ajax.googleapis.com
b30ccdf5-4162-4ff2-883b-6d9683522afe.t.ssp.hinet.net
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com
df2b8e11e7e94d8394ed0fa861efdd71.safeframe.googlesyndication.com
ed5b2eb7ca8e2d1abd0202636c61d37e.safeframe.googlesyndication.com
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
re-news.tw
rec.scupio.com
referer-log.holmesmind.com
reurl.cc
s.amazon-adsystem.com
s0.2mdn.net
scontent-yyz1-1.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.rayskyinvest.com
z.moatads.com
d26c72bf54bc1e5091b530d89cca601b.safeframe.googlesyndication.com
mug.criteo.com
www.facebook.com
103.132.192.30
142.250.65.162
142.251.167.149
172.105.235.90
18.179.127.135
192.0.77.2
192.0.78.244
192.96.203.13
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
23.193.121.161
23.3.115.102
2600:1f18:4e9:5a05:104e:317f:d99a:8776
2600:9000:24f0:3800:0:e06c:e940:93a1
2600:9000:2512:6000:3:1794:2540:93a1
2606:4700:20::ac43:47fe
2606:4700:3032::6815:43a6
2606:4700:3034::6815:6009
2606:4700::6810:fd04
2607:f8b0:4004:c06::95
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c06::9b
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::61
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::69
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::71
2607:f8b0:4006:80b::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::485
34.102.176.152
34.149.36.179
34.95.67.231
35.185.130.121
35.185.136.122
35.186.215.140
35.190.36.98
35.201.76.93
35.227.249.156
35.244.196.223
35.71.131.137
52.194.43.130
52.46.143.56
52.69.218.118
52.85.61.110
52.94.223.37
69.173.151.100
69.173.158.64
72.247.65.83
74.119.119.139
01ecf2059c1f90fe83dcf397cf242085b033983b34e788ebd2c99c037eec0f47
024e15d4b3131aaad2b4af84cd29aff20b9f53a931e76f5cfb3d8152e386845a
03b64bb0d20922746a87312330694e2031794c6816de8231a3d3f9fc10e39667
05e281469e11497e91db76b031ea480c6bca6ee601ec9b714115fc278c98c30b
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06322fc8a6f8e63c959a7361f664450b4db0dbb9151f27a9e47f71c41e4871f6
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0a3920a01c0dcd03e7617df96bcbd48fb4c6f9ef73ae02927bc9578b15918afd
0aa50482e0443a679a0e25093a5ab55e39f55da632e3fc5a89103d89f2b48472
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c16cc91a6b87a91cf466974b74b7618ded03bc511a0c8c2c0da803a6524855b
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1519f65f0646c7ec878163cb3a7034c6db155f9243ae1208e3b3ad3bbd5ad503
16be4732369bed69d2ddb41d61adf1936cf47cd5f24b986b9769af99ad5bbe83
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1757f85274e5852abf3473d640efe7c17691f915849fcd8808afdde646069659
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
17c2bf10bca31e2a83cedd1d0b0766ced230ffa5f82bacc5338fe1c84efc4747
18bb0e90797ec6f226137169e5775aceac0cb1ede819c3526b431cc2034db84f
1a2dcbaa8da5e1459685453a48b20ad6d18fcc772cc45dffcc2c2c719fee8091
1a99c7dc79dd2b64ac281c5c9f9e470aa37b28bbb958ef7bc8eff508cded8e25
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
20b236770c01f9b8cd4ec9c927acb7f55e4fa559fd9b41a1b5c2bd9d39d7a277
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
22c18b5b72825a3d32935b8e5b3ba142a414e7f746e5c8699a539205e7186040
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
22fbbaf575b934bf1c67b8750c4322500fb7da06a68c59e1e5347b7a138d5346
247660d21012b7eed855272f346d4f88a4075e347a51fac3aabcbeee922ec599
2551865dd99b97818b4d039219dc5c2c356c9de2f9d37ab39f8a7e95abd4989a
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2c4f432a30a63a2ec84b3840d9f21b762219a3c61dd568fe6e08ceff14470c06
2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
30a288f4b8350f8121ceab4313aa78320d3a313c7425136323191ced5b6a0b65
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
35038446d0cae0d4cf68472310f8c4e3775f84d4a6c51036fb52c1276c8a5ef9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
3cf0a027279a8c477ae06724a704afdae7bf0c3ea4ecca10bee308be1b149789
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
466a427994880eeb4f60a72e1ce472626ff6139258fcd724110f61d9fda983ad
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbc87a75771407325342610ece2c80083d0b735dc7da625839fde08bcf66285
4fe2f1e10ad7169b07a1fa35579e12df94c80710f138fe2ceea62d047d4da43b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50928241be05b5a5c4932449c1bc580713bf68b2238db3d4d96648ce01631823
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541aa8107ab5589ef7f8da4481836ffeef358d9dba7a3fad482d0bda1c7f9960
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d357e59e464329ea174ee6add3631078f821d8190ff89db5546999578310d88
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5f4201e80c122e9316411e7b8629f712eb58ca9a2dc638d4496af43b286226ec
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62997ef9963dd71a8147b9a5a1c24e66464a245bff2390b479b144a6fcc3b94a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6555491f41d86a583aae6e38394bfe911b4e774434a17a63df50d011270b392c
65b5cbb5228409a318a772e1431591f48da58d13ee8aa9b9e20e22de9cb9fa19
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6729563a7dcd413a09f819cbd4ed5f581a3d3ebd65c52ea411d85d77067f4526
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
693a43ba2993bd6945ee91c96cdc986d8db5db50dc67aa5c6c631164cb635333
697039e7a64e2e39ed080d5f0526af5314f9f1b81eda4b4b2a09dd94dcc33378
6b2e648e27c74470e73c88199b2d17ac6c6e9ed2a2cbd0d85e47299259d2f259
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
73e18bfe1a45f8cb774ec7f8526277d36a113618d90ed3b6d44c713962ff26b3
741e9864cc92729f93ac6f5ec564b2362816dd629517aa5761a5caf4d430514b
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7730b08f6c5794f9ee9395e4e0c816f885bdac041d4dc892d8b3bfa8b32f83b1
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7c7f27d9302d40b6ff1364536088d17c0d862580710f07e5344d469e0fe82781
7cdaaac8c42822a2f9a477aa766f51927caf17b354cf808397b73f5d24c90115
7fc0ad2c7249978b6cbfb8b5d2fead7f0d60116cdb47bc8516ff5cd7d0941e56
80860039f446459e6f34654d02cbf2e08a038f5ebea6ee6bda37a2730ea2c415
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858830a2570046f6876910c915a69c236f9f7cb8e586f772c3419af5f7f1d428
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
8edea5a8a7606d1d58b0b448d8ce414a4c4a8da6f87e9fdaa81484f7c12ddf85
8fbc4d6db87655c070a74a1a787c657077a12214a8d85da2129cdc1a7bd5d7fa
922bbc618accfdaf35e193bb5b3b0b2ff4aa9b2820eb39d8b86e2fae3782516b
96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9c52655c1e75a0878043d63b0dead220f6e0119b4648d8a4f1db5bf3674e0c82
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9c9f87285251bbcc9a701bc74e755b0c48e1321efdccafd33c28896b40aa3ff3
9d3338b7d13e01c3eb731563bcabf5e14803ca3c81c0b26c57e0d5c105da72e8
9d51d72a2290a7370b1fc4e4428422eb4098f64a8ab06a4c03f9f005f2253bf5
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a0f0c84d066058cf2d62319dcc1f80f6f71bc7faab03ffc4b9cb8f36fc024b46
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a891b3a84a972a5adadc493a1443ba559ced5e28b5ad34707b5f206fd2f9dfa0
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
acab16b9e28b18573f526a1358b8e77e2b30505ef69639f3c3f57eac2a050e4f
ad7d15812eaa6a06c1ba50fd4e12534afa72ef234e6263ddf5d633fe1ea7a9d0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
af6ba1c43cbb747c782cafa6d73dbcee9ceab96ae865144138380f8a935be96d
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b3ac7e567de8f507f3f13592e80bfe050a9972fb038699427f4ed13d85bac38b
b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b
b53431caf6daca77bf5a250d12106c4138d3cb9e792708b1e5430199e8c9b644
b5631557d4a0e8f36801f90e601b47095e63bf30162b6e10e6fb87cd87fa7ecc
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
ba2c36be139c306c7eb602a1a16ba8d31f40cb0477393d1cdc04a6a56e113654
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd27d79bb09370a12eff96c3313c993403f569fed18387634f8d24d2b070d522
bd4643650ef1fd81194c8ca24134b7abf5bdafa2ac5c4f24292afc26a71b0da4
bdd0f418e7490689676049a2309f560c5e0b345e6c64e3707dd7a12ee13628cc
be4783efeb04d9e88319ad016bb8e7044723c832fa5e87dd1c02029ec045d644
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c11d35a13e3b520231154fd6b15153e2cf1b57c432c7223939d78fcd8efec2ed
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7424d2a06fdc0dc2bbaa0fec9802f2ca34aed324f7d8960bb68748336d69d0d
c9988dc8b74734b23c6f8c9163b9fbd70c6fa1fde469b264de99fbf16500f928
cad8b167abd483998bc5688d0ad86b441889ecd5e6a26af4ef13dd754183524d
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d09c7e9ab90fb033006b924de33631051bd6a39e6a409254cb756b63ee8863d8
d356266cbf28b090f7fa6ee9c515390bec1aa129686a1efe76d076690d4af611
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
d933555cfe15a931251b5c91226bbf52505d9b3d503ca6d9aff7a02042d63972
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de2189900c580d964bcb40a316b12021be3b8cad1ffca4a536c3c22205297998
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
df9ccf06ec3dca085e5d3a6661a0cf8cb4ccf2cc886f2415ef4ebf60be9a628d
e023dff186832c6a9062473e5bbadbab1a9ba3b12654fc51235a13a407ae60b5
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fab19fb3fe7b54e20e095695aea442893df40ac66bfaa82e0453dbe66ea5d
e461a5448b3c86bc890703e35662fd164dc6e071423b8c435728d5c36938beb6
e7103ba18461b18abe7bf4f8e973116e62119e9c952dfe67dd6fab2e8e9f556d
e8bb12b252c7ba1b0862a3d288e9a22f635400ef16c87fdb62d1b3805f6ce60a
e95cae8d40d54a66307d061c442dd08b982292891e91a92be1cb21eec8a2d22d
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ed74e72b416728f59f50d31d28e49a600686f2305a5e01b9345f7ca614101b63
ede20041bf104095302e63753987b35d2b4bd8c1761ca246df8d7350385de315
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0637711cd180a6cb50f2882d67a419ac556e21ad9ec02ade9f5e2df2bc063b2
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f61cd997410f3ab38e9b388aa872853d030608cc9857d88fe3d122007646fd4d
f65030722e49610453f4d7ab90d76b69f151001e1f1855443b7d8bea8daac94d
f71e473c0e38d24fde08a924c53c4c642dcd2341e1057ed0bf970ec3aab30ad8
f971cb967dcad04a8841f828a2de1be5c99abec685ce5dadb449b5e36c217dee
fa290c5bd698d78e1855a34a80955ab1ba962f08b452b7d65c01c12da0abe76a
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

366 Requests

89 %HTTPS

48 %IPv6

39 Domains

73 Subdomains

61 IPs

5 Countries

4891 kBTransfer

10834 kBSize

44 Cookies

21 Outgoing links

Redirected requests

366 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

366
Requests

89 %
HTTPS

48 %
IPv6

39
Domains

73
Subdomains

61
IPs

5
Countries

4891 kB
Transfer

10834 kB
Size

44
Cookies

366 HTTP transactions
5 data transactions