URL: https://reurl.cc/XV1QXD
Submission: On October 14 via api from CA — Scanned from CA

Summary

This website contacted 61 IPs in 5 countries across 57 domains to perform 370 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 254108.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2022-09-23 - 2022-12-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
*.t.ssp.hinet.net |  | 2022-04-14 - 2023-04-14 | a year
feebee.com.tw | R3 | 2022-08-23 - 2022-11-21 | 3 months
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2022-09-26 - 2023-10-27 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-19 - 2023-06-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-23 - 2022-10-21 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2022-08-26 - 2022-11-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-09-05 - 2022-10-26 | 2 months
*.rayskyinvest.com | R3 | 2022-09-10 - 2022-12-09 | 3 months
tls.automattic.com | R3 | 2022-09-19 - 2022-12-18 | 3 months
*.prnasia.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-08 - 2022-12-08 | a year
*.gbyhn.com.tw | E1 | 2022-10-02 - 2022-12-31 | 3 months
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-30 - 2022-10-27 | 6 months
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-11 - 2023-07-12 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.google.ca | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
m.yap.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-07-05 - 2022-12-28 | 6 months
yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-07-12 - 2023-01-04 | 6 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-01 - 2022-11-30 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-08-27 - 2022-11-22 | 3 months
*.creativecdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-17 - 2023-04-12 | a year
*.aralego.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-21 - 2022-11-20 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
adentifi.com | Amazon | 2022-08-05 - 2023-09-03 | a year

This page contains 62 frames:

Primary Page: https://reurl.cc/XV1QXD
Frame ID: 12D415BB5804DAF3CE48269165728FEE
Requests: 39 HTTP requests in this frame

Page Title

ING

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 370
HTTPS: 87 %
IPv6: 35 %
Domains: 57
Subdomains: 90
IPs: 61
Countries: 5
Transfer: 5034 kB
Size: 8954 kB
Cookies: 58

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reurl.cc/XV1QXD/ HTTP 301
    https://reurl.cc/XV1QXD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

370 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: XV1QXD
Path: reurl.cc/
Redirect Chain
  • https://reurl.cc/XV1QXD/
  • https://reurl.cc/XV1QXD
Size: 7 KB
x-fer: 2 KB
Type: Document

General
  • Full URL: https://reurl.cc/XV1QXD
  • Protocol: H2
  • Security: TLS 1.3, , AES_128_GCM
  • Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
  • Reverse DNS: 121.130.185.35.bc.googleusercontent.com
  • Software: nginx/1.18.0 (Ubuntu)
  • Resource Hash: 0b6c3e5df8388146496673ee845ff72c55c2ee26fa131e0e21f08608165d5eb5

Request headers
  • Upgrade-Insecure-Requests: 1
  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
  • accept-language: en-CA,en;q=0.9

Response headers
  • content-encoding: gzip
  • content-type: text/html; charset=UTF-8
  • date: Fri, 14 Oct 2022 02:59:48 GMT
  • server: nginx/1.18.0 (Ubuntu)
  • target: https://mustardinkstudios.com/wp-content/plugins/wp/
  • vary: Accept-Encoding

Redirect headers
  • content-length: 42
  • content-type: text/html; charset=utf-8
  • date: Fri, 14 Oct 2022 02:59:48 GMT
  • location: /XV1QXD
  • server: nginx/1.18.0 (Ubuntu)

bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17861864
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA, cache-yyz4530-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzVWAhh18Yi7JQq7i7CqLlAHdZEmkPCwKTTNsjGnnURtImRuJRw2qShAgCFVAUx3Cb4LCiq4ZGdZenh2u%2FWbqps9evDl2dAgImHvOT5tgDbOkM9GyJ2FMkv76r0S08JXHsm2xvTi4K%2F%2Fa%2FwQIXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
759d0fa73ffca217-YYZ
style.css
reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/XV1QXD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:48 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 14 Oct 2023 02:59:48 GMT
pixel.js
reurl.cc/javascripts/
429 B
524 B
Script
General
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/XV1QXD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:48 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 14 Oct 2023 02:59:48 GMT
utag.js
t.ssp.hinet.net/
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:50 GMT
ysm_reurl.js
ad.sitemaji.com/
17 KB
6 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:24:28 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:48:16 GMT
server
nginx/1.12.1 (Ubuntu)
age
23721
etag
W/"5d0b4850-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Fri, 14 Oct 2022 20:24:28 GMT
ad.js
img.scupio.com/js/
76 KB
23 KB
Script
General
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:55:41 GMT
content-encoding
gzip
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:16:55 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
249
etag
W/"6327d117-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
ZL2jqibegRiU_EIIKB3xu0qTTwAgV5N9Q5wW-wdZ6eh4jKDTtjKH0Q==
expires
Fri, 14 Oct 2022 03:10:40 GMT
init.js
cdn.holmesmind.com/js/
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 14 Oct 2022 02:59:22 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
28
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
3UVOeWbYcKtyeb1CWpNOSe1iaTRatywd6cVLWaXfHMd2-aaNDGWPnQ==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17861768
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19174-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiZXaf8SGFwrej%2BHiri98nQgyPx30xhn6iaTKet%2BLFNIG2W%2FGuroYbKVMFe2DNalGKBgdsMrnMoFB0zmoyXU%2F7fcqinfnzEtayBzRlv1wwVJ%2BjtG%2FOf879%2BwcWRZwxCYUufIBXiiZddtJHfmdH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
759d0fa73fffa217-YYZ
renews.js
reurl.cc/javascripts/
412 B
493 B
Script
General
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/XV1QXD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:48 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 14 Oct 2023 02:59:48 GMT
loading.js
reurl.cc/javascripts/
134 B
339 B
Script
General
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/XV1QXD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:48 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 14 Oct 2023 02:59:48 GMT
ga2.js
reurl.cc/javascripts/
536 B
550 B
Script
General
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/XV1QXD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:48 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 14 Oct 2023 02:59:48 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 02:59:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
FZIh5Y9Qo6l+1t20VnCeAoH+NGHVeOaipfoH0QQsPgNytECFPxHvmBaM4mDamKHuwivk8bstIk/ZzzwqKSV5dw==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame B486
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e0f09bd69cf2420bd8c91961c8e640a042147b6ee30743d4a6f85d8295c1d0a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 14 Oct 2022 02:59:49 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
o2ES1Uy0Wt0khZ9kJ3IDthWYRjPo8dPtUrmaL7QMhRQoXmvtlGbdMo2bCXZZUzp0Wj/twszEoMOtmMShUYaeOQ==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/
6 KB
7 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
1e88e98b803a49d814cbc4542c3ef86093415402b54a746e0386540ab4cb2564

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:49 GMT
via
1.1 google
x-powered-by
Express
etag
W/"195c-Ldx/K1MTMo2Tok+GvcZGFGFOMTU"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6492
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Oct 2022 01:02:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7049
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 14 Oct 2022 03:02:20 GMT
mZj-PE3i9Hd.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame B486
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/mZj-PE3i9Hd.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57aec6038deeabe42f0415c9d043262210bd4105c59c0535fe0261f23eb68359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5DWwZixy0DAyMzKABSGhAA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4953
x-fb-rlafr
0
x-fb-debug
UIEZnzR4YVrPBUmxR8OBlmO4XSeKkHnt6gvqHbsK057KvHzQ3bIkywSmjagKIPe7PB3V5/+QmacFT0Ngfm3f6Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 12 Oct 2023 22:53:46 GMT
collect
www.google-analytics.com/j/
4 B
142 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1122040380&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&ul=en-us&de=UTF-8&dt=ING&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1212867934&gjid=1568151983&cid=1968788312.1665716389&tid=UA-102456694-1&_gid=704163967.1665716389&_r=1&_slc=1&z=1852487241
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1122040380&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&ul=en-us&de=UTF-8&dt=ING&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTQ5LjU2LjE1My4xODY&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1968788312.1665716389&tid=UA-102456694-1&_gid=704163967.1665716389&z=869725270
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 07:43:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69383
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame 9F2B
15 KB
5 KB
Script
General
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 17:07:56 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:10 GMT
server
nginx/1.12.1 (Ubuntu)
age
35513
etag
W/"5d67a716-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Fri, 14 Oct 2022 17:07:56 GMT
1675200226052423
connect.facebook.net/signals/config/
25 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7bfffe9be1e7c2d90e1ae44ca4fc7adc56b8f150edcc6cd23a00a521a625e006
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 02:59:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
jVkzeUO6zPMxxPoNSEZfxA3kKRwSTV1GfzPOyTkSBNHcxsRjg1qb969ZEngAthmTThTU7AOcSEJ+eQfYbSBQYg==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 72B2
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
5
content-length
4730
content-type
text/html
date
Fri, 14 Oct 2022 02:59:49 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-id
4sf3PVfGlc_fjRIbt8rOiId87Zt4yl6kwWWviPLVJ2ilf_wkAbOqDA==
x-amz-cf-pop
JFK50-P3
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/
662 B
1015 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
20
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
Hc5ZDwtv1RYlgzMubWkwToCbsXfebLXRBdIDTMEE3cGHxgeoVkvvpA==
presetfn.js
cdn.holmesmind.com/js/ Frame BA66
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
20
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
yQudEBAO68bGj5geLZDtd4aNOvtHtGxBNelBaCDHOaVV7ZGKsuBn7A==
presetfn.js
cdn.holmesmind.com/js/ Frame BBF4
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
20
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
BJ-3eKR1WtG2DaU0FQ55CJDnJVxHs-u5Qt1yr3NRjpViv-LaF3LrYQ==
presetfn.js
cdn.holmesmind.com/js/ Frame BBBC
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
20
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
T6hwxipRS7WE02JyjHzvRpPs7DPC-Qd1MwENfZ5ZH55cW_Z-Zbd0qA==
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=1968788312.1665716389&jid=1212867934&gjid=1568151983&_gid=704163967.1665716389&_u=IEBAAEAAAAAAACAAI~&z=119703588
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 14 Oct 2022 02:59:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
17229.json
img.scupio.com/js/config/
461 B
870 B
XHR
General
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
b089858662086aaf29d4f37d5cbd92faf267e7f9db55d13df5ec21229d2eb1b0

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:57:47 GMT
via
1.1 9742cc93d29468c392785667fe23ee68.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
age
125
x-cache
Hit from cloudfront
content-length
461
last-modified
Fri, 14 Oct 2022 02:20:47 GMT
server
nginx/1.12.1
etag
"6348c77f-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
Rq7tNzXRdEo0hX-QNCVL5oN_rJfHbCCJ8NKooES4YpRex0-s_WcCgQ==
expires
Fri, 14 Oct 2022 05:57:44 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
710 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.5125582285742973
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame D8FD
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2381
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 02:20:16 GMT
etag
W/"62fdf772-14d93"
expires
Sun, 13 Nov 2022 02:20:08 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
9rRgMsojLvYcJBlmM1Iv7FdqNRsqJOD4MAluHFspCfLAirC0-VMsgQ==
x-amz-cf-pop
JFK50-P1
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/
461 B
854 B
XHR
General
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
b1cbb0a3fc338c889779e2fb023e61a1e039d238f5e42b3920413c83a0e3b71a

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:55:19 GMT
via
1.1 9742cc93d29468c392785667fe23ee68.cloudfront.net (CloudFront)
last-modified
Fri, 14 Oct 2022 02:20:48 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
287
etag
"6348c780-1cd"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
461
x-amz-cf-id
-wjCVf2bqOOM9tNFZgOnUXnpgQIt7EgsFYYnuWEWOPQ3ZroqUc2BSA==
expires
Fri, 14 Oct 2022 05:55:01 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
710 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.3339136429095484
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame DE72
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2381
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 02:20:16 GMT
etag
W/"62fdf772-14d93"
expires
Sun, 13 Nov 2022 02:20:08 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
r3aAF9fPBl7iG3dUqiTvFA0HixxDQuEe3scCU5LKOpmOo58x1pL4bQ==
x-amz-cf-pop
JFK50-P1
x-cache
Hit from cloudfront
native.js
s.yimg.com/dy/ads/ Frame 9F2B
78 KB
30 KB
Script
General
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
018PRD34WB6RS3Z9
age
80
x-amz-server-side-encryption
AES256
x-amz-id-2
xDoa2tg8PywqEvgS2tg8J6kt6d1d1GF7K00RFg7ZPtwYwaWj/GqIkAkj3N29FfWnKuk346Gsl0k=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
310860634_8871039309580199_5421517767888468271_n-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2022/10/
53 KB
53 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2022/10/310860634_8871039309580199_5421517767888468271_n-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.162.239 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.162.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dc95b707466a913bd2f81dbe53c697e7250dc314ee4178555b831b42ed1dec71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Fri, 14 Oct 2022 02:59:50 GMT
expires
Fri, 13 Oct 2023 20:08:44 GMT
last-modified
Thu, 13 Oct 2022 12:49:32 GMT
server
nginx
etag
"6348095c-d291"
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
53905
x-cdn-c
static
x-sg-cdn
1
2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/01/
57 KB
58 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/01/2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
00629ef727c6c2f00185d9f431d757ffe961a78ec9296f04bde3245b0e56ecf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.yyz _atomic_dca BYPASS
content-length
58804
x-nc
HIT bur 1
last-modified
Thu, 03 Feb 2022 15:18:40 GMT
server
nginx
etag
"94c8191a1b717f18"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sun, 04 Feb 2024 03:18:40 GMT
The_Talented_Music_Producer_Kurt_Hugo_Schneider_Produced_An_Optical.jpg
mma.prnasia.com/media2/1905779/
30 KB
31 KB
Image
General
Full URL
https://mma.prnasia.com/media2/1905779/The_Talented_Music_Producer_Kurt_Hugo_Schneider_Produced_An_Optical.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b558b7f14e7021dc92bb4995333c9c19fa03f01d9ae12876e2d7a52d9153b22e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
cf-cache-status
HIT
age
43544
x-powered-by
ASP.NET
server-timing
intid;desc=d87d6a9c64e8a1d1
content-length
30713
cf-bgj
h2pri
last-modified
Thu, 13 Oct 2022 14:53:46 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
759d0fae5abe3fd8-YYZ
access-control-allow-headers
Content-Type
expires
Thu, 13 Oct 2022 14:53:47 GMT
1665662422-5d6f69640e71e67481817b09e6e8792e-840x525.jpg
img.gbyhn.com.tw/2022/10/
99 KB
100 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2022/10/1665662422-5d6f69640e71e67481817b09e6e8792e-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de9039d18b59423c307972d26de6d415ef3c9fef1b16ff18a2c7503107b31bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53702
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101419
last-modified
Thu, 13 Oct 2022 12:00:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA4WGia9%2B10O%2B2bxRJ3gkm1nuGk6CBJK9CK%2FOCCSzVX1cXHe7F5GgMctaABi4AVf%2ByhBMlsf1HvR7hZ3%2FwBaC423fvA1E9xyShVoAzUbzcS8PudiTFzCRX%2FF%2Bqf6yHB5JfeOPOrorPaHUSKNH7tt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
759d0fae6ed717f5-EWR
expires
Thu, 20 Oct 2022 12:01:43 GMT
2022101309433212.jpg
img.racingcharger.tw/wp-content/uploads/
118 KB
119 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022101309433212.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e200357195c3695af491665c7682549c80ccaef9b1a4709983f584d89ead68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 09:43:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
26764
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkgivoEeAPINTtbwBCcWYPjblq%2Bs4kq3VbGtsyzwMq9KCsKGCpEN6pi6bswAYD1eDjNjGjecpiPEM6KYmwYrX9XuZbIOMiU%2FB70wCQQEVYmS1Xyx1LOeGXFj6Lbn1AHH0OiMUP07sMsek3QGkM6pkWCuoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
759d0fae4bda182d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121071
file.png
static.wixstatic.com/media/08c74d_e8861568593b4c8485dd592e1ec6aa4e~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/
1 MB
1 MB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_e8861568593b4c8485dd592e1ec6aa4e~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
23b56d8e72e99dcdb222d8a27949b10a2c4c9cefdfd6eed21373f10b62599183

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 12:00:59 GMT
via
1.1 google
server
openresty/1.21.4.1
age
140331
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1466146
wix-tracer
2G29xlJj0SF0a6V1aLr5tekW0Bt
x-seen-by
image-manipulator-5cdc794f79-blg45
img_9445-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/09/
359 KB
360 KB
Image
General
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/09/img_9445-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ebc9d9a64fe0dcc52fe330bb52ea9701a4cf717dbd18b4e6f4e736fe5e45f872
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT yyz 3
date
Fri, 14 Oct 2022 02:59:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Oct 2022 10:58:06 GMT
server
nginx
etag
"17d6665814a54c68"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/09/img_9445-scaled.jpg>; rel="canonical"
content-length
367546
expires
Wed, 09 Oct 2024 22:58:06 GMT
%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%8...
blog.alphaloan.co/wp-content/uploads/2022/10/
133 KB
133 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/10/%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%EF%BC%9F%E5%85%8D%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E6%96%B9%E5%BC%8F%E5%A4%A7%E5%85%AC%E9%96%8B%EF%BC%81.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000
x-ac
2.yyz _atomic_dca BYPASS
last-modified
Mon, 03 Oct 2022 04:45:24 GMT
server
nginx
etag
"633a68e4-213ff"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
136191
expires
Fri, 21 Oct 2022 02:59:50 GMT
cm.php
fcm.holmesmind.com/ Frame 1B98
39 B
191 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:50 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 72B2
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:50 GMT
cm
c.holmesmind.com/ Frame 72B2
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame BA66
756 B
689 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:24 GMT
content-encoding
gzip
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
JFK50-P1
age
26
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
rqswjILPK1GEs5KQKm5qeszrc_wTOLXNUdAEkc4nodrhdAWIqsCjJA==
Preset.js
adcdn.holmesmind.com/adserver/ Frame BBF4
575 B
643 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:24 GMT
content-encoding
gzip
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
JFK50-P1
age
26
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
CCPWAzUzWaji28674fPeYsxqovtr7cBvmSe0FWID8X9CjKVXg-ltGg==
Preset.js
adcdn.holmesmind.com/adserver/ Frame BBBC
760 B
692 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:51:11 GMT
content-encoding
gzip
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
JFK50-P1
age
519
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
c_ugQe27UmvsgGUNjZKiFpTBNmrzkqYNMml2XiNE52J4Uiq20x7y4g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame D8FD
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 16:24:07 GMT
prebid.js
img.scupio.com/js/ Frame D8FD
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:56:14 GMT
content-encoding
gzip
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
215
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
fwPWGIq_U-ygfpUUbUGfjN_5zvJb7zf8si6RwSoPDyb84Md7-4GEVg==
expires
Sun, 13 Nov 2022 02:56:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame DE72
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 16:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 16:24:07 GMT
prebid.js
img.scupio.com/js/ Frame DE72
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:56:14 GMT
content-encoding
gzip
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
215
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
UdMCSBrHFuZrCJTjCba8RCDnTaogUW9b2rCyel0iQ-bPm5sqwkpOXQ==
expires
Sun, 13 Nov 2022 02:56:14 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FXV1QXD&rl=&if=false&ts=1665716389916&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665716389915.1987427224&it=1665716389578&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 02:59:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=1968788312.1665716389&jid=1212867934&_u=IEBAAEAAAAAAACAAI~&z=18676151
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
501 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=1968788312.1665716389&jid=1212867934&_u=IEBAAEAAAAAAACAAI~&z=18676151
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/
37 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
81dc79d8174680d83cd8dbaa18fc6233df8e080a4b811ed6458ab031b6528c28
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 72B2
37 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
52309d688bd29a70f66f7be695e8102378879174ab293c9a3d0f07b9a04340f0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 9F2B
290 B
477 B
Script
General
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FXV1QXD&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
media-router-flurry71.prod.media.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
b
geo.yahoo.com/ Frame 9F2B
43 B
446 B
Image
General
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
ads.js
ad.holmesmind.com/adserver/ Frame BBF4
2 KB
999 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=380&o=1&d=1&b=2&ts=1&ii=3&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
74b402543d509c35f3a8cb78978adaba1f54ef4c0654d0cdff69a929a398749b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BBF4
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
5
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
3k3xxH7f54IohDeZDbhmr9aHoKEnsD1hZIHwsfvlOh-w0WID4sJtAQ==
appierV2.js
cdn.holmesmind.com/js/ Frame BBF4
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
58
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
CuHPi0IK8XCZqxrt9fBGZl2T6JHkfq0xOMF9D8q5YPZ8RDIqAjBdNw==
ads.js
ad.holmesmind.com/adserver/ Frame BA66
0
215 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=185&o=1&d=1&b=2&ts=1&ii=3&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BA66
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
5
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
kO6w2D_B7CXJy11qQo-_a6elK2okoScDZAJFpT0UFriCH_oPzxrZkA==
publishertag.js
static.criteo.net/js/ld/ Frame BA66
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:50 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame BA66
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
58
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
lcwtLcQJoOnrvnJ9vLbzr_9RVmrnQ0U0Z_K7vLRR-RJLtxcQs3UAwg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame BA66
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:51 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
ofYLDeo1vE67qfbeWxAshKQF1WfbdLp0FNkHjZoY0H_f1dzGaWNMwQ==
appierV2.js
cdn.holmesmind.com/js/ Frame BA66
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
58
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
mfMIJJPxSp6w0F1iHppvoJlTZTT6bsXRzVkx0kTVNjYBayY7EBMRBA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame BA66
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date
Fri, 14 Oct 2022 02:59:42 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 08:48:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
9
etag
"945b888de0f0e51f6997f84814931271"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5760
x-amz-cf-id
1P2nOs_v5_koemZE5bxArL6-FqFHeDDYXRF_1EVAkDS6wSXnTSAtaQ==
ads.js
ad.holmesmind.com/adserver/ Frame BBBC
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=336&o=1&d=1&b=2&ts=1&ii=3&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c8c19556af7bbc2e8b05b19b0209734aeab1c1e6651b7583fdd0b73830ed799c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BBBC
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
5
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
e7Mge3Ye249D7ailvyIQX9hUBApsPma8chCKBRZ0H8kvbVpYTsEhAw==
publishertag.js
static.criteo.net/js/ld/ Frame BBBC
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:50 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame BBBC
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
58
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
hK23fRtPICCDSXQGKXEJjeI8OJa1_s_8e_Ujuiu5C1zuKLS9gZLKZg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame BBBC
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:51 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
uIGiwo4QRjL11UxvAnDBbjdgLz8KzjT5C_-IrRvd2rEJtCEx29SaLw==
appierV2.js
cdn.holmesmind.com/js/ Frame BBBC
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
58
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
QcAaEMmEMWs4xU9epPAWH4smSXechdGhiD5l72XYJSuaYxZz9qu5gA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame BBBC
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date
Fri, 14 Oct 2022 02:59:42 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 08:48:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
9
etag
"945b888de0f0e51f6997f84814931271"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5760
x-amz-cf-id
KEAgoDmzpDxa4hjrj2uqffJ8YlFRWo4jCSYymmgx-Yhh2RQJsom8Sg==
currency.json
img.scupio.com/js/config/ Frame D8FD
108 B
495 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
dafd0e1a677a84abf3626d7123b1bcdf332d233f8be42b22577ac2383b095d4b

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 02:56:07 GMT
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 19:15:05 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
225
etag
"634863b9-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
108
x-amz-cf-id
IM0WignMHOkApw2jQ0IGN04zrTg-4PSoLhQQCxgJOgUUVj1cBgz1aw==
expires
Fri, 14 Oct 2022 05:56:05 GMT
cdb
bidder.criteo.com/ Frame D8FD
0
216 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=53257927158
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame D8FD
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 14 Oct 2022 02:59:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.json
ad.holmesmind.com/adserver/ Frame D8FD
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1665716390361&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 14 Oct 2022 02:59:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame D8FD
0
285 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8927134610626999
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 02:59:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
header
hb.aralego.com/ Frame D8FD
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=360bbaf3-8b11-4ffb-9fa6-43ab59c6b260&u=https%3A%2F%2Freurl.cc%2FXV1QXD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=a441c9fd-34f5-4626-9906-f861f3d3d01a&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Fri, 14 Oct 2022 02:59:50 GMT
Access-Control-Allow-Credentials
true
Connection
close
currency.json
img.scupio.com/js/config/ Frame DE72
108 B
495 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
dafd0e1a677a84abf3626d7123b1bcdf332d233f8be42b22577ac2383b095d4b

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 02:56:07 GMT
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 19:15:05 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
225
etag
"634863b9-6c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
108
x-amz-cf-id
9d9zzpAtf2JhpFGKrW7JdLY6NjylxQslY1QTIhIuznMi0zfnN8qB8w==
expires
Fri, 14 Oct 2022 05:56:05 GMT
cdb
bidder.criteo.com/ Frame DE72
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=6982183447
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Oct 2022 02:59:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame DE72
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1665716390419&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 14 Oct 2022 02:59:51 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame DE72
0
285 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3158469314251513
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 14 Oct 2022 02:59:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
header
hb.aralego.com/ Frame DE72
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=360bbaf3-8b11-4ffb-9fa6-43ab59c6b260&u=https%3A%2F%2Freurl.cc%2FXV1QXD&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=32c92e93-7463-48c6-8bb4-46b6c90a6bbb&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Fri, 14 Oct 2022 02:59:50 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame DE72
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Fri, 14 Oct 2022 02:59:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame BA66
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=1lFq8qQeB1WHz3hRp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=1lFq8qQeB1WHz3hRp9BIYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=1lFq8qQeB1WHz3hRp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame BA66
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=aqwms2NKByuGshwQp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=aqwms2NKByuGshwQp9BIYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=aqwms2NKByuGshwQp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BA66
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BBF4
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BBBC
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
landing.php
fp.holmesmind.com/ Frame 4D36
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&CFFPCKUUID=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame BBF4
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:50 GMT
landing.php
fp.holmesmind.com/ Frame F87E
0
82 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&CFFPCKUUID=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame BA66
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:50 GMT
landing.php
fp.holmesmind.com/ Frame B2EB
0
249 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&CFFPCKUUID=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame BBBC
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:50 GMT
emome2
t.ssp.hinet.net/
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=8e67a25c-15d7-4123-867c-bcae61492d42
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 72B2
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame BBBC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame BBBC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=kjwRl5jUAF6IqB6Zp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=kjwRl5jUAF6IqB6Zp9BIYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:51 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=kjwRl5jUAF6IqB6Zp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cm
t.ssp.hinet.net/
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=8e67a25c-15d7-4123-867c-bcae61492d42
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/
0
79 B
Image
General
Full URL
https://8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/pixel?bd=8e67a25c-15d7-4123-867c-bcae61492d42&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cdb
bidder.criteo.com/ Frame BA66
177 B
424 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=57733000972
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6045a4f7de7542296daa6709d1e59d2a0ed3dd438856840569382034f05f1698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame BA66
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=68226450453
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b168a74c7264118b890dce3466227bc6ed1cc862c671efc28ea9f0883bf7f43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
/
t.ssp.hinet.net/ Frame BBF4
36 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c74748e6c731263fad6adb78170a9bc690c4e0f717db075c4722e9124b928dc9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame BBBC
177 B
426 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=93418120687
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
557ea0952cd055cb70b0566ce50340993098aa68f511de418091cd8ce5ef8a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
prebid.aspx
prebid.scupio.com/recweb/ Frame BBBC
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.74806691647583
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame BA66
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.43697379658307445
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame BA66
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.45401629307782065
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
events
bidder.criteo.com/csm/ Frame BA66
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame BA66
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:59:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame BBBC
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cm
t.ssp.hinet.net/ Frame BBF4
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&mp=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/ Frame BBF4
0
79 B
Image
General
Full URL
https://bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/pixel?bd=bedd9837-c12f-48b4-953f-f01adb33b669&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame BA66
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&mp=8e67a25c-15d7-4123-867c-bcae61492d42
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/ Frame BA66
0
79 B
Image
General
Full URL
https://8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/pixel?bd=8e67a25c-15d7-4123-867c-bcae61492d42&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/ Frame BBBC
0
79 B
Image
General
Full URL
https://8e67a25c-15d7-4123-867c-bcae61492d42.t.ssp.hinet.net/pixel?bd=8e67a25c-15d7-4123-867c-bcae61492d42&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame BBBC
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&mp=8e67a25c-15d7-4123-867c-bcae61492d42
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame BBBC
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=336&o=1&d=1&b=2&ts=1&ii=3&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:26 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
Gsb-wlqStve6AYEuwI-w64D8YlXfYWYzWgIk-j8lfvvCkkrXSpZa_w==
adsbyscupio.js
img.scupio.com/js/ Frame A02E
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:41 GMT
content-encoding
gzip
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
12
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
YHkqBWCJcSunpSVg4Po1nOjbYlaJIUJ87vrv3bYNnsj6bWmgIvRLog==
expires
Fri, 14 Oct 2022 05:59:39 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame DE72
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4403174293147245
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
153cd42b615aab62f3878478b7f729e92a3138a30e45b12586b540ea664440d7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:52 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1476
truncated
/ Frame DE72
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
970x250.png
img.scupio.com/img/2011_gym/ Frame A02E
86 KB
86 KB
Image
General
Full URL
https://img.scupio.com/img/2011_gym/970x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:07 GMT
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
44
etag
"607cf99c-156c7"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87751
x-amz-cf-id
sNkLf5Ip0mMxy64_Ja9BgYiC9fz_64USbRMkejktgkkJFzSJZhlaeg==
expires
Sat, 14 Oct 2023 02:59:07 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame BBF4
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=380&o=1&d=1&b=2&ts=1&ii=3&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:26 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
35
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
Fyh3vsCS_hlWWBoyq-S9jJqiwg-r9sQnBKaJDPYvSpPvR94413bg2A==
adsbyscupio.js
img.scupio.com/js/ Frame 5600
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:41 GMT
content-encoding
gzip
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
12
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
EpQr1at2bBOjMb2x49DjyiRRJy3PanWQko4At3fr3Sk4DucT4ZliaA==
expires
Fri, 14 Oct 2022 05:59:39 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame D8FD
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.161304459481854
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
611e247c78a0d6a596487a2f763a03f357afd47a07dcba9f5a3f3142c50e9bb6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:52 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1480
truncated
/ Frame D8FD
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x250.png
img.scupio.com/img/2011_gym/ Frame 5600
47 KB
48 KB
Image
General
Full URL
https://img.scupio.com/img/2011_gym/300x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:46:59 GMT
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
JFK50-P1
age
772
etag
"607cf99c-bcf6"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48374
x-amz-cf-id
Wvp9oGVPjo666e4JHmEXKowr-yXdO_wdIF1bxKWcnMjnfBdd7UELpA==
expires
Sat, 14 Oct 2023 02:46:59 GMT
syncframe
gum.criteo.com/ Frame FA13
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:51 GMT
server
Kestrel
server-processing-duration-in-ticks
455864
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame D8FD
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame DE72
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
syncframe
gum.criteo.com/ Frame 6B79
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:51 GMT
server
Kestrel
server-processing-duration-in-ticks
842373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D8FD
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
syncframe
gum.criteo.com/ Frame 73F0
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:52 GMT
server
Kestrel
server-processing-duration-in-ticks
861110
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame DE72
88 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
init.js
cdn.holmesmind.com/js/ Frame 53ED
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 14 Oct 2022 02:59:22 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
31
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
w9z0LanjAel4mCbJJohPnUL_h1IszBBED6JYaFgNozyk1g9p31nfGw==
sid
mug.criteo.com/ Frame FA13
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=fNxwF3xDcER1ZlVtZm5IaU9PVUJtQlhTb0JTbGtiQ0RBSWdRenBvTlNQZUY5aTQyVis0Mzh0SHJMdkY0UW1NZFQ4NjZiNithSEhRYVR2bzhOS212VVhsYWx4aWlQeEQvamNLaFlQaEpSdmt2UFFLcWlkZUgzdUdCS2FLcW...
428 B
657 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=fNxwF3xDcER1ZlVtZm5IaU9PVUJtQlhTb0JTbGtiQ0RBSWdRenBvTlNQZUY5aTQyVis0Mzh0SHJMdkY0UW1NZFQ4NjZiNithSEhRYVR2bzhOS212VVhsYWx4aWlQeEQvamNLaFlQaEpSdmt2UFFLcWlkZUgzdUdCS2FLcWdDQjNhRzFDNHNVbGhOaFBYUFh6d3NwRWd1VnJFM0dtMnZkak5nOXdDUm04dWdJOXhKVEthSThqS2xCWS9PTEJTVWtIQ3NIMDdKN0UvbkczbUJXMFlRVDBnT0VpWFhjWkdQekVZMXI0cCttTm43SFk1ZTBxVWYyTG1ZcGt4Znl0dm1uZWEyZlpRT1YwMDgyS2RNMTBEUlpTa1F0VWYxQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a1c43b830a8fd34278607de3974d75ccbe7a852896223ca9cf00bb708239ba17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2246594
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fNxwF3xDcER1ZlVtZm5IaU9PVUJtQlhTb0JTbGtiQ0RBSWdRenBvTlNQZUY5aTQyVis0Mzh0SHJMdkY0UW1NZFQ4NjZiNithSEhRYVR2bzhOS212VVhsYWx4aWlQeEQvamNLaFlQaEpSdmt2UFFLcWlkZUgzdUdCS2FLcWdDQjNhRzFDNHNVbGhOaFBYUFh6d3NwRWd1VnJFM0dtMnZkak5nOXdDUm04dWdJOXhKVEthSThqS2xCWS9PTEJTVWtIQ3NIMDdKN0UvbkczbUJXMFlRVDBnT0VpWFhjWkdQekVZMXI0cCttTm43SFk1ZTBxVWYyTG1ZcGt4Znl0dm1uZWEyZlpRT1YwMDgyS2RNMTBEUlpTa1F0VWYxQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
602566
content-length
0
expires
0
sid
mug.criteo.com/ Frame 73F0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=wa1YN3x1U3NkWEU5bWZmV0pvN1dETy9DbVlhOGxqbUFkaE9pN0pYUi9ZbHVneVlwUDFrWFNFdW1Jd3FGd1pESXQ3MVFLTUJacCtSY3AvUTZheEFlQnlxMXNQa0w3YUkrT1Y4aERocHM1c1Z0TWRaU1ZZeTk5MlJVanRkMW...
430 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=wa1YN3x1U3NkWEU5bWZmV0pvN1dETy9DbVlhOGxqbUFkaE9pN0pYUi9ZbHVneVlwUDFrWFNFdW1Jd3FGd1pESXQ3MVFLTUJacCtSY3AvUTZheEFlQnlxMXNQa0w3YUkrT1Y4aERocHM1c1Z0TWRaU1ZZeTk5MlJVanRkMW1pbmpRSitZRkliSE5HbTRTZGh4QWtkUGtlOTR5N3FWeFNhUUwzdFZ0U2Ewa3NESHVnWjAyRXVEN2IvZVJvY1BmRmdYS2tVQ3ppMlcvZTFaWWJPai9ORlFZSVJKNDVTc3BYSGNaamJOOXJCTlEvRjBDRzIxek5IMm9MRkw1LzhZNWZHeUtaeWtGTmdpZnB1SjJuWWIzNFhDRmVPYWU4MzRpU0tRR2FFNitvWTVWM0psSEs2ST18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
38359490fa9225b2a8fc864edd59a31beb5a8f011545d54840d15c04729c08a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2460940
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=wa1YN3x1U3NkWEU5bWZmV0pvN1dETy9DbVlhOGxqbUFkaE9pN0pYUi9ZbHVneVlwUDFrWFNFdW1Jd3FGd1pESXQ3MVFLTUJacCtSY3AvUTZheEFlQnlxMXNQa0w3YUkrT1Y4aERocHM1c1Z0TWRaU1ZZeTk5MlJVanRkMW1pbmpRSitZRkliSE5HbTRTZGh4QWtkUGtlOTR5N3FWeFNhUUwzdFZ0U2Ewa3NESHVnWjAyRXVEN2IvZVJvY1BmRmdYS2tVQ3ppMlcvZTFaWWJPai9ORlFZSVJKNDVTc3BYSGNaamJOOXJCTlEvRjBDRzIxek5IMm9MRkw1LzhZNWZHeUtaeWtGTmdpZnB1SjJuWWIzNFhDRmVPYWU4MzRpU0tRR2FFNitvWTVWM0psSEs2ST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
749482
content-length
0
expires
0
sid
mug.criteo.com/ Frame 6B79
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_9x12nx3SFlHQTBMUTgrU3htVmtEWTN5TWUvNWFGcUNhS3gvdDdMUVU4UmgwbzBNakRDL0RsRGJ5Nm5FUUxqaEx0QjdKWE9LcGtGMHJHZmttZGx2WDlQOGJBZEhNSDJlbTF3VldkMXAydXhjMVp5TTUxNllRbUN2UjNZaW...
422 B
649 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=_9x12nx3SFlHQTBMUTgrU3htVmtEWTN5TWUvNWFGcUNhS3gvdDdMUVU4UmgwbzBNakRDL0RsRGJ5Nm5FUUxqaEx0QjdKWE9LcGtGMHJHZmttZGx2WDlQOGJBZEhNSDJlbTF3VldkMXAydXhjMVp5TTUxNllRbUN2UjNZaWlYUGJzdWRGUHZsNnhmR0tTTGdDc0RpTThOeHRSYnNqMUlpVmdld3lvdk8wRldWaTFkdE1Da0l3NDZDQklDQjRBeHpDbjJwbTkrVEdXUFl5ZG5BeTlJTzZRRUpFV3IvbGRuVWlkeFo5NEZ6QUtYQkdKTnpNS254dkhZdmRxWDhOS3JneWhPNzNXNVo3NFA1OERMeFpoTVhiWjJ0YzBlSmRCR0JIdFgxbVNSNEx4cHQ0cDNsbz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a51026d600a8f477b6e66d7e6312a8a7e7b3f23fae6a4e8890ec84366a52ada3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2773578
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_9x12nx3SFlHQTBMUTgrU3htVmtEWTN5TWUvNWFGcUNhS3gvdDdMUVU4UmgwbzBNakRDL0RsRGJ5Nm5FUUxqaEx0QjdKWE9LcGtGMHJHZmttZGx2WDlQOGJBZEhNSDJlbTF3VldkMXAydXhjMVp5TTUxNllRbUN2UjNZaWlYUGJzdWRGUHZsNnhmR0tTTGdDc0RpTThOeHRSYnNqMUlpVmdld3lvdk8wRldWaTFkdE1Da0l3NDZDQklDQjRBeHpDbjJwbTkrVEdXUFl5ZG5BeTlJTzZRRUpFV3IvbGRuVWlkeFo5NEZ6QUtYQkdKTnpNS254dkhZdmRxWDhOS3JneWhPNzNXNVo3NFA1OERMeFpoTVhiWjJ0YzBlSmRCR0JIdFgxbVNSNEx4cHQ0cDNsbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
543397
content-length
0
expires
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 263B
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
content-length
4730
content-type
text/html
date
Fri, 14 Oct 2022 02:59:49 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-id
oyQdwkSte8gZMc5QF4qcYx19s0KPyIC8wwm0tA20XEn-7mse9yK0QA==
x-amz-cf-pop
JFK50-P3
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 53ED
662 B
1006 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
23
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
8oDR-tjuZnNf38hzBjmgKBXxvGTuPxAIYMiFRrmy87e-IbZiTgA6OA==
presetfn.js
cdn.holmesmind.com/js/ Frame EDAF
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
23
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
uerrZzIAOofcdyNFy78WuVDrpAH-MVLXVIMli9A0cap3lO-4J_GW5g==
cm.php
fcm.holmesmind.com/ Frame 2FC2
95 B
103 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:52 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 263B
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:52 GMT
cm
c.holmesmind.com/ Frame 263B
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 263B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEK2k4dfSahIpWl2MC2gC8Oo&google_cver=1
0
474 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEK2k4dfSahIpWl2MC2gC8Oo&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
x-guploader-uploadid
ADPycdtLhmYhkp8DyG6ye3oYziw4Md7QoPQuARkPneSoh3AgRAy6Y3-WZIkHeFCUaSCKG95uB2l-bzzWOohFbr8Vk5jmkw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 14 Oct 2022 03:59:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEK2k4dfSahIpWl2MC2gC8Oo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame EDAF
1 KB
752 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:54:49 GMT
content-encoding
gzip
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
JFK50-P1
age
303
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
3dAElmdCr2AP-Poq-Gc81yBTas6A4Ew7Pa8tPRkZlVqUVTAhVsoH8g==
init.js
cdn.holmesmind.com/js/ Frame 8B6A
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Fri, 14 Oct 2022 02:59:22 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
31
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
KNp6w9MWKcGyPJ11LnFu_YfY84J3y0NgRMtMAY3-n4kBtWQlCke1lw==
ads.js
ad.holmesmind.com/adserver/ Frame EDAF
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=63&o=1&d=1&b=2&ts=1&ii=2&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b7ef6d445bd990e0a48201c084c8605a266a171c434a08460d2e00a729c580a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame EDAF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
7
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
Uny4STutG9rOQie5-Cz3kwsKDmDmCY_PR8X06OMmv5boE3qpyf5ZHQ==
publishertag.js
static.criteo.net/js/ld/ Frame EDAF
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame EDAF
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
60
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
kRYpAfK4ulA75ypV1MH4alFFewYatS-CvqoIEcuv28T-Mm78qBmDvA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame EDAF
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:51 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
1
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
5uXVWz_DYOzZVcAUTbEgDiYvn9OxvvrywB6S8Dr3kEBEVat6c3nNLA==
appierV2.js
cdn.holmesmind.com/js/ Frame EDAF
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:54 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
"548ed610a8571343fb3022f543174735"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
bLbm7IDHW6RtWwDnBMtP78Wecv0OMgIzJcAGichRqgK5wEZrAG-5jg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame EDAF
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date
Fri, 14 Oct 2022 02:59:42 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 08:48:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
11
etag
"945b888de0f0e51f6997f84814931271"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5760
x-amz-cf-id
m5IuuJWNxbS_MMNSnbZQrmiTz4OlkpFC9QbyICxyagkC9n6cgS9Tbw==
capmapping.htm
cdn.holmesmind.com/js/ Frame 05BB
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8
content-length
4730
content-type
text/html
date
Fri, 14 Oct 2022 02:59:49 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-id
eKGPlg1WUfDH-e6As0ESTz5mmBNIeApg1vlO6dTfYSRYjoZTgnvF2g==
x-amz-cf-pop
JFK50-P3
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 8B6A
662 B
1006 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
23
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
6JThKFzMwzP4zDDGLr7F2TUdUPN52LBXH-lwvgC0JjT1b6LksqP_yQ==
presetfn.js
cdn.holmesmind.com/js/ Frame B425
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Fri, 14 Oct 2022 02:59:29 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
23
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
XVzefoEuLpXmbQpZ9fQb6tyuHCgmKuI3s9uIhZU6yT56E7oMhcjQ8A==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame EDAF
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:52 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame EDAF
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.02550797672209759
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame EDAF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:52 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame EDAF
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=9738030197
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b75b554360eb277f4494dfcab2a8e6e69f168b03eba2e3d6645f6ff63e73658c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
syncframe
gum.criteo.com/ Frame A4CE
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:51 GMT
server
Kestrel
server-processing-duration-in-ticks
1090733
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 007F
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:52 GMT
server
Kestrel
server-processing-duration-in-ticks
1911317
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cm
c.holmesmind.com/ Frame 05BB
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
utag.js
t.ssp.hinet.net/ Frame 05BB
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:52 GMT
google
m.holmesmind.com/ml/ Frame 05BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEFLHHkRLvjbNZdJFr7m0sek&google_cver=1
0
136 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEFLHHkRLvjbNZdJFr7m0sek&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
x-guploader-uploadid
ADPycdvryIMj4Y_qq0Xust51qX14IlJfds3o1cWS6l_2glVYj0JB-jchdm21JuS1ti2eih_u-95KIt0_zVP6onRwlzz49Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 14 Oct 2022 03:59:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&uu_m=undefined&google_gid=CAESEFLHHkRLvjbNZdJFr7m0sek&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame B425
1 KB
746 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:a800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
JFK50-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
pzkg-Q0mxoPMjDE2GCUhSMivHXGj4NT18-Jnm2v5Px3Sr-aM3ye2bg==
/
t.ssp.hinet.net/ Frame 263B
36 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c74748e6c731263fad6adb78170a9bc690c4e0f717db075c4722e9124b928dc9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ Frame EDAF
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sid
mug.criteo.com/ Frame A4CE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=dUtqVF9rZSUyQkh4R0tQaXF1Q2Fxd2NHUEViODBVMllBVDBsZWZ0VVRGVDB6ZUlTTkdYR1N4JTJCbXozek...
  • https://mug.criteo.com/sid?cpp=7daSKHx2dFZlVTBlbWFvaVlFNG5lbEFESDBSMzVNcG5uRzNobDV4M2ppR01UeUpWVnMrSzBMVStIOEEzU2NWRTJ4WGljbm1ubnN5dzhicmVodkhUbThuaEtzdWtuZUZFUnhpeWRSRXhOa01VWGNHZ0k2MWtCUXVtd3pVY1...
441 B
656 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=7daSKHx2dFZlVTBlbWFvaVlFNG5lbEFESDBSMzVNcG5uRzNobDV4M2ppR01UeUpWVnMrSzBMVStIOEEzU2NWRTJ4WGljbm1ubnN5dzhicmVodkhUbThuaEtzdWtuZUZFUnhpeWRSRXhOa01VWGNHZ0k2MWtCUXVtd3pVY1hxRk5qSUh3blM5Mm9IS295QzFqbDExRWJ0akZQaVZUYnN5emxlNkU2ZERuZnhkZGQ4eG1ZR2RXQXF2dEJJY05oNjF1blNDTi9ybVkxdWxDdUo3VUZxR0Q2VXU5VjBLcGtVZlQ1dWVWd3VaZzByY2I2Rk13dEYxNE4rd0xYT1R1Yy96OGlQTDJuSTMvbU9zN3FGbVpCS1FlTlVHNXo4QT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3fb0623b5aee602d59d69fe9a3005da073c1ef7c54832658bccc7db1a356bd44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1783439
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7daSKHx2dFZlVTBlbWFvaVlFNG5lbEFESDBSMzVNcG5uRzNobDV4M2ppR01UeUpWVnMrSzBMVStIOEEzU2NWRTJ4WGljbm1ubnN5dzhicmVodkhUbThuaEtzdWtuZUZFUnhpeWRSRXhOa01VWGNHZ0k2MWtCUXVtd3pVY1hxRk5qSUh3blM5Mm9IS295QzFqbDExRWJ0akZQaVZUYnN5emxlNkU2ZERuZnhkZGQ4eG1ZR2RXQXF2dEJJY05oNjF1blNDTi9ybVkxdWxDdUo3VUZxR0Q2VXU5VjBLcGtVZlQ1dWVWd3VaZzByY2I2Rk13dEYxNE4rd0xYT1R1Yy96OGlQTDJuSTMvbU9zN3FGbVpCS1FlTlVHNXo4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
362660
content-length
0
expires
0
sid
mug.criteo.com/ Frame 007F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=dUtqVF9rZSUyQkh4R0tQaXF1Q2Fxd2NHUEViODBVMllBVDBsZWZ0VVRGVDB6ZUlTTkdYR1N4JTJCbXozek...
  • https://mug.criteo.com/sid?cpp=qDCK2nxpU2dBMW5KT3FvWnNhYnd5QVpzRDllblYrSjBlell4WmYvaHNHRzJEcVVWajZkZEczZUxzN2s4WnRLeWU5TWNhTXZMMjIvTTFmTmdjQWRJMEdFdGVPYTh2aUE4aExZTGw5cXB5ZmZMY2dNc28rOU1RMXNLU0dZVU...
422 B
665 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=qDCK2nxpU2dBMW5KT3FvWnNhYnd5QVpzRDllblYrSjBlell4WmYvaHNHRzJEcVVWajZkZEczZUxzN2s4WnRLeWU5TWNhTXZMMjIvTTFmTmdjQWRJMEdFdGVPYTh2aUE4aExZTGw5cXB5ZmZMY2dNc28rOU1RMXNLU0dZVU5JR3cxWG5MTVJaQzRlTy85a0EwczZxMnlRdVB2WDhJZGZXK09pcHg5RHlDTEMwS1liWkRBQ09GNG9zOUFIRXMxYmFYbXRITkpvUDdjUHdoZ0FmWHR1ZXJHZnVkRTBWQitnelpmcjdFTUdNdWRBY1lTZ2pCV3kvWmhiVFltTGkwSkhHM3VOakowL0VUMSt0S2J1VUR5b0tqQmh2VGJJQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
afe822e1b3800c6629b396996004fd1ce80c6ed2dd3957343960f6472c2a02b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
906077
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=qDCK2nxpU2dBMW5KT3FvWnNhYnd5QVpzRDllblYrSjBlell4WmYvaHNHRzJEcVVWajZkZEczZUxzN2s4WnRLeWU5TWNhTXZMMjIvTTFmTmdjQWRJMEdFdGVPYTh2aUE4aExZTGw5cXB5ZmZMY2dNc28rOU1RMXNLU0dZVU5JR3cxWG5MTVJaQzRlTy85a0EwczZxMnlRdVB2WDhJZGZXK09pcHg5RHlDTEMwS1liWkRBQ09GNG9zOUFIRXMxYmFYbXRITkpvUDdjUHdoZ0FmWHR1ZXJHZnVkRTBWQitnelpmcjdFTUdNdWRBY1lTZ2pCV3kvWmhiVFltTGkwSkhHM3VOakowL0VUMSt0S2J1VUR5b0tqQmh2VGJJQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
487995
content-length
0
expires
0
landing.php
fp.holmesmind.com/ Frame 9106
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&CFFPCKUUID=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:52 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame EDAF
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:52 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame EDAF
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=63&o=1&d=1&b=2&ts=1&ii=2&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:26 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
36
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
rDomAZyzKET7g3zj4tGNtP2m6xDTNEAInDm4IlbodJeUJPHQqpq7WQ==
ads.js
ad.holmesmind.com/adserver/ Frame B425
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=56&o=1&d=1&b=2&ts=1&ii=2&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.19.32 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-19-32.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
832bda454a85e22546832559154f47f5fc41a9298bece3fc2057fa59e542bf1e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B425
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:50 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
7
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
W9sTzrmR5232jw-7Qg1OB16Qn7zbdmJspAI5Z6eOn2smw1wu5kbCYw==
publishertag.js
static.criteo.net/js/ld/ Frame B425
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 15 Oct 2022 02:59:52 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B425
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:58:52 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
60
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
ltDthyLubTfzEKnqgbulhB8V4oC5vfBOtgA_XxRSYKDtrAu6g7JrcQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame B425
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:51 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
1
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
hOdTF6ZosZPfgIfITd_S2gbeYr0DFtuYRAj6QGu9xs4twuToEOmh8A==
appierV2.js
cdn.holmesmind.com/js/ Frame B425
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Jcekk_h-I9kAMnJMePU3Zy2fX9G9PHNRWLfYH1tmFJzKBwdlwo8_Lg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B425
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13d69b634ceeee6647713a2568ba53d7f956abaf734f3cfad0ad1e35d1e988c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
fIQgLpkPc8Xa6hWRKpG2InO.92XkfeB1
date
Fri, 14 Oct 2022 02:59:42 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 08:48:47 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
11
etag
"945b888de0f0e51f6997f84814931271"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5760
x-amz-cf-id
MBDV3XUUevCZztWN95-c8QAfUSMR6zcPPKhXsMHEE5AubRbk67-vXQ==
/
t.ssp.hinet.net/ Frame 05BB
36 B
408 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c74748e6c731263fad6adb78170a9bc690c4e0f717db075c4722e9124b928dc9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 263B
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B425
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 14 Oct 2022 02:59:53 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame B425
0
279 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7388698200997421
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 14 Oct 2022 02:59:52 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame B425
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:53 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
ls.html
img.scupio.com/html/ Frame CBFF
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2458
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 02:18:58 GMT
etag
W/"583295c9-4dc"
expires
Fri, 21 Oct 2022 02:18:54 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
kug1xUzb08kj5DF6NXmHCTAjwd54BUb_dE43MgZzIhLH6jx7ZBagHg==
x-amz-cf-pop
JFK50-P1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 3FD9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMjEwMTQxMDU5NTI3MzgyMA%3d%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
0
550 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:53 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame D229
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 02:59:53 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 14 Oct 2022 02:59:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 3FD9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665716392924&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 02:59:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
uxid.aspx
rec.scupio.com/recweb/ Frame 3FD9
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CTA2022101410595273820
  • https://rec.scupio.com/recweb/uxid.aspx?id=496989d7-73a9-365f-b6b4-74e9af5d1698
35 B
581 B
Image
General
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=496989d7-73a9-365f-b6b4-74e9af5d1698
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:53 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
35

Redirect headers

location
https://rec.scupio.com/recweb/uxid.aspx?id=496989d7-73a9-365f-b6b4-74e9af5d1698
date
Fri, 14 Oct 2022 02:59:53 GMT
connection
close
content-length
101
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
syncframe
gum.criteo.com/ Frame 1730
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:52 GMT
server
Kestrel
server-processing-duration-in-ticks
2003702
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame B425
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&bundle=eyGpd19rZSUyQkh4R0tQaXF1Q2Fxd2NHUEViODVUUjNlVVpIcGclMkZmUTBsamhxJTJGeVZxY24lMkJuTWFENUlwSkI3MnZ6alBuazZaY0FOVnU5RnF3cVZJVDJWSnhiZnRkdTFWQ3dsVzgwNzBMJTJGR3Zmd0lnSm5aR29UWDM1a3kwcWRDTUkyN2hhUFdtJTJGNnd4VlQybzRESE1wUHNQJTJCRGR5USUzRCUzRA&cb=78443271769
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9f523e2dbff592abe89d6ae5253ce449edcdc2969dda954958fd572debcd4ac3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
events
bidder.criteo.com/csm/ Frame B425
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sid
mug.criteo.com/ Frame 1730
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=eyGpd19rZSUyQkh4R0tQaXF1Q2Fxd2NHUEViODVUUjNlVVpIcGclMkZmUTBsamhxJTJGeVZxY24lMkJuTW...
  • https://mug.criteo.com/sid?cpp=0D4XTHxlbDFXZHU1WVV2TEJET3hRazg4TUZGeEViL2NVUi9uUU0rNXlFWXZWanl4ODh2azZkVlBGVTcxN0hHOFYwYnJDU3k1Z0JicW04dVJ0YytLYU1aTnBQMkEycDdaRHZsWW1NcXNScGxFUmNMdnZ4aGY4VEhvdnpFVT...
422 B
651 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=0D4XTHxlbDFXZHU1WVV2TEJET3hRazg4TUZGeEViL2NVUi9uUU0rNXlFWXZWanl4ODh2azZkVlBGVTcxN0hHOFYwYnJDU3k1Z0JicW04dVJ0YytLYU1aTnBQMkEycDdaRHZsWW1NcXNScGxFUmNMdnZ4aGY4VEhvdnpFVTgrRm91OGRmcWl6ZXZxVzczcUF5WGpuK1RLamJpNlE2cjlTMXRxSGtFQ2FQQ0RpWVRlNnQvQit6Y3VmbTVWWTY0WTVoSnd1VnhqUFdwQjFNNnJrcGdxUzJIeHVBQ1dET1Y2Qm1NMFdnRGdKcmd2RUFidk5zVmM5OUp2bUhMWENOenJ0NWNpRm0yUEdXNmpOcXYwV3pRR2c2NXVWRlZpdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ca53d65ce23787a386c9a36ea624216f5da24c1553fbc6c53fb5526830b8fb5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1694297
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0D4XTHxlbDFXZHU1WVV2TEJET3hRazg4TUZGeEViL2NVUi9uUU0rNXlFWXZWanl4ODh2azZkVlBGVTcxN0hHOFYwYnJDU3k1Z0JicW04dVJ0YytLYU1aTnBQMkEycDdaRHZsWW1NcXNScGxFUmNMdnZ4aGY4VEhvdnpFVTgrRm91OGRmcWl6ZXZxVzczcUF5WGpuK1RLamJpNlE2cjlTMXRxSGtFQ2FQQ0RpWVRlNnQvQit6Y3VmbTVWWTY0WTVoSnd1VnhqUFdwQjFNNnJrcGdxUzJIeHVBQ1dET1Y2Qm1NMFdnRGdKcmd2RUFidk5zVmM5OUp2bUhMWENOenJ0NWNpRm0yUEdXNmpOcXYwV3pRR2c2NXVWRlZpdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
773308
content-length
0
expires
0
landing.php
fp.holmesmind.com/ Frame 28CF
0
37 B
Document
General
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&CFFPCKUUID=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&url=https%3A%2F%2Freurl.cc%2FXV1QXD&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 14 Oct 2022 02:59:53 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame B425
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 14 Oct 2022 03:09:53 GMT
ls.html
img.scupio.com/html/ Frame 174A
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-58.jfk50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2459
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 14 Oct 2022 02:18:58 GMT
etag
W/"583295c9-4dc"
expires
Fri, 21 Oct 2022 02:18:54 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
BnDos1bjKwFzCvIT-t1DUDUeNOEnXAXY56ottScpdzIfFGEDc9M9zw==
x-amz-cf-pop
JFK50-P1
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame F321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0lBMjAyMjEwMTQxMDU5NTI5OTM3NTY%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:53 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEC3IQXmQn9xNZNRnZLKgJZM&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 3F45
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 02:59:53 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 14 Oct 2022 02:59:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame F321
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665716393081&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 02:59:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
idSync
sync.aralego.com/ Frame F321
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CIA20221014105952993756
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/496989d7-73a9-365f-b6b4-74e9af5d1698?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-V_7BGoFE2oXSu8il8viNSDlJ6z4lGgTrPf.qsrg-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=40119fd7-2a7c-4b79-8553-8cb8561cec75
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=496989d7-73a9-365f-b6b4-74e9af5d1698&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=496989d7-73a9-365f-b6b4-74e9af5d1698&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=668a335e-574c-4de9-8572-33609c7eb8db&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10610058510660471703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10610058510660471703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e1872ca5-f179-4c9b-82f9-2a7fe20cbe64&ssp=ucfunnel&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10610058510660471703&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213800604304002460190&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10610058510660471703&ssp=ucfunnel&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=668a335e-574c-4de9-8572-33609c7eb8db
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=668a335e-574c-4de9-8572-33609c7eb8db
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Location
//sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=668a335e-574c-4de9-8572-33609c7eb8db
Date
Fri, 14 Oct 2022 02:59:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
emome2
t.ssp.hinet.net/ Frame 05BB
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
cm
t.ssp.hinet.net/ Frame 263B
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&mp=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/ Frame 263B
0
79 B
Image
General
Full URL
https://bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/pixel?bd=bedd9837-c12f-48b4-953f-f01adb33b669&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame B425
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FXV1QXD&n=56&o=1&d=1&b=2&ts=1&ii=2&FPCK=154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:9000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 14 Oct 2022 02:59:26 GMT
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
37
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
7pxrxBOd2NQbCnT-7IBu5d-57SMYRonGaQzNqx5Tmi5nN8wPtaocOA==
bid
ad2.apx.appier.net/v1/prebid/ Frame EDAF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:53 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EDAF
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:53 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B425
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Fri, 14 Oct 2022 02:59:53 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=zcamCGp6CKaos3IKp9BIYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
pixel
bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/ Frame 05BB
0
79 B
Image
General
Full URL
https://bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/pixel?bd=bedd9837-c12f-48b4-953f-f01adb33b669&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 05BB
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD&mp=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame D229
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef55b97b394f016fc1b7385ec2b1f3dfa95929292a8200379d9bcfdeffc22964

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57887
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 19:04:40 GMT
usync.js
eus.rubiconproject.com/ Frame 3F45
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ef55b97b394f016fc1b7385ec2b1f3dfa95929292a8200379d9bcfdeffc22964

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57887
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 19:04:40 GMT
cm
t.ssp.hinet.net/ Frame EDAF
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&mp=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/ Frame EDAF
0
79 B
Image
General
Full URL
https://bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/pixel?bd=bedd9837-c12f-48b4-953f-f01adb33b669&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame F766
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:05:53 GMT
server
cloudflare
etag
"632c3381-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3UPoVFPO%2BJSoQfF8K7GNomYDjo%2F7D06d06n4Eom7LpoMDUlScXuz7g3AkSZsa96rek8QzCqDpKIF41L98h4xoimFqsgfFYgvIIJcY4D8AGXUTpteLg3C9flZpnce0WGHUlApqFcXFPym0VYGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
759d0fc529dea23a-YYZ

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
khaos.jpg
token.rubiconproject.com/ Frame D229
284 B
934 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 3F45
284 B
934 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubiconid.aspx
bw.scupio.com/adpinline/ Frame D229
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L97WJ767-1R-5CUJ
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L97WJ767-1R-5CUJ
0
621 B
Image
General
Full URL
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L97WJ767-1R-5CUJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/javascript
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L97WJ767-1R-5CUJ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
cm
t.ssp.hinet.net/ Frame B425
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD&mp=bedd9837-c12f-48b4-953f-f01adb33b669
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/ Frame B425
0
79 B
Image
General
Full URL
https://bedd9837-c12f-48b4-953f-f01adb33b669.t.ssp.hinet.net/pixel?bd=bedd9837-c12f-48b4-953f-f01adb33b669&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 1400
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
43 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/XV1QXD
Protocol
H3
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:05:53 GMT
server
cloudflare
etag
"632c3381-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTyEE1%2FMeKf2FUXAnKV5QkkpdeLeMM5N9j639s6wSJ9e%2FU4NAYMmyahnARBxdluXKZirE80Nhdh40hfPPCq5fb0HAIyvU12VjQqe6S9Qm%2F1Cdr2kJaO3fJAL51Qr3OCm4Z0OG751Mxy5kI1DUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
759d0fc67affa1f2-YYZ

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame F766
975 B
817 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BIaSI9GR%2BFt5mBIZLMimVh69dA4JLXDWkW1iuUNNW4RFc5LfvcTawfIr%2FAJ7wllWgwf1iu%2Bo10MSmCXpQNFH5HgJyZzJ30ZYR7BwTHmr59r64pO%2BM2MEF2dLzYHLixkeYsL8hH3ZCo3Bu%2FDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
759d0fc5c9eea1f2-YYZ
idRequest
sync.aralego.com/ Frame F766
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6543da076768544dc2e1cea03247d97301886f77687572e35fb7df2613b820c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame F766
555 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FXV1QXD&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7949014007285795&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:54 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
496989d7-73a9-365f-b6b4-74e9af5d1698
X-Adtype
html
Connection
close
Content-Length
555
tap.php
pixel.rubiconproject.com/ Frame D229
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40119fd7-2a7c-4b79-8553-8cb8561cec75&gdpr=0&gdpr_consent=&expires=30
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40119fd7-2a7c-4b79-8553-8cb8561cec75&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=40119fd7-2a7c-4b79-8553-8cb8561cec75&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame D229
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Yzc3NTc1N2RjYTg2MGYwMDNhMmFhOGQ5MDY3OTE0ZTNkMzRiNzU3OQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Yzc3NTc1N2RjYTg2MGYwMDNhMmFhOGQ5MDY3OTE0ZTNkMzRiNzU3OQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Yzc3NTc1N2RjYTg2MGYwMDNhMmFhOGQ5MDY3OTE0ZTNkMzRiNzU3OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D229
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3V0o3NjctMVItNUNVSg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3V0o3NjctMVItNUNVSg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3V0o3NjctMVItNUNVSg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D229
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=snSPEbYHTIWxkAsaW2yJDA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=snSPEbYHTIWxkAsaW2yJDA
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=snSPEbYHTIWxkAsaW2yJDA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 02:59:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SFWBXTX3W63TY6F82HJJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=snSPEbYHTIWxkAsaW2yJDA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame D229
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L97WJ767-1R-5CUJ
0
788 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L97WJ767-1R-5CUJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:53 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D060A73DDE024654931801E724F2765E Ref B: YTO01EDGE0512 Ref C: 2022-10-14T02:59:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq9dH3Ov4EG04Mikgmtw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L97WJ767-1R-5CUJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D229
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/m4Jbp9Y3sS70fkSeUTyq-8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2556372363546193191
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2556372363546193191
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2556372363546193191
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D229
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO1zzr5EjZKQX4P313eSBOI&google_cver=1
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO1zzr5EjZKQX4P313eSBOI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO1zzr5EjZKQX4P313eSBOI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame D229
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=voHoGQ2VQSG-v49K1dSdGg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=voHoGQ2VQSG-v49K1dSdGg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=voHoGQ2VQSG-v49K1dSdGg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 02:59:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
44DENRHKC52B2RW8BX6Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=voHoGQ2VQSG-v49K1dSdGg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame EA2B
714 B
774 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
95
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
759d0fc67afca1f2-YYZ
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 02:59:53 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i62mdKixiL5ynzA1pY4XekYUhaQrDuRpRtNaWsqMpXv13trUeeRdHeDsxbFZHKd2LLJokF5q%2Fcxm9tZlB0NfVNolAaGHraXY37rDrki2P0%2BD5aStVFV0wN3nipfptlqf%2B%2FGnFDGM%2Fzv%2BjFSfIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame F766
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EA2B
79 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73ef08f67b3ec61613bbabf5fb22c8598ffa29a84820991c21af27e9bdb65647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27649
x-xss-protection
0
server
sffe
etag
"1363 / 419 of 1000 / last-modified: 1665698703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Oct 2022 02:59:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9A3C
113 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
037d5428331935629d0b9b5f64a70d12510d90a8eec4a43020e546f6caf83d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38105
x-xss-protection
0
server
cafe
etag
13838646689851384264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 02:59:54 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1400
975 B
776 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLp5rNSTqd1rZuxlfKwsLAh7%2FRPxMr1FFeh7NVYcySQOm6dAhQOsQG3GTwzlaOypNRNQF2zpVa9WtshJuiIzV%2BTGsqA4UH1IpV8ksnCHHqK8skRLP0MR9MhR8n5Kb9dd206Bq5ib6Wy6mTckWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
759d0fc73c48a1f2-YYZ
idRequest
sync.aralego.com/ Frame 1400
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?ucfUid=496989d7-73a9-365f-b6b4-74e9af5d1698&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6543da076768544dc2e1cea03247d97301886f77687572e35fb7df2613b820c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 1400
552 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FXV1QXD&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.07782531481671184&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=496989d7-73a9-365f-b6b4-74e9af5d1698&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Gaithersburg, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 02:59:54 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
496989d7-73a9-365f-b6b4-74e9af5d1698
X-Adtype
html
Connection
close
Content-Length
552
pubads_impl_2022101002.js
securepubads.g.doubleclick.net/gpt/ Frame EA2B
380 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131337
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:09:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Oct 2023 17:42:49 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1970
714 B
777 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
96
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
759d0fc7cd38a1f2-YYZ
content-encoding
br
content-type
text/html
date
Fri, 14 Oct 2022 02:59:54 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxKCK98nhDqTiXrNPM4IFV1MTdUgwlKP96LyH8uwMubb9uYVqe0sf%2F0KL%2B%2FU1iOl4sDMX39ybkWM1l%2FouWecOzRT73ulNmCfqd131vWz%2FtOf%2BxzQPiUzFWHG%2B5xrY4eQ7d2l6VkezcoJyozbsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 1400
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
connection
close
content-length
35
content-type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ Frame 9A3C
352 KB
124 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3189ab4d630eaa25532f3237e4963bce1f0b4084795826001f3b3013d3d0e385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127395
x-xss-protection
0
server
cafe
etag
14817837738247389317
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 02:59:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1970
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25bea91ebe3705228605bb2dcbc17815ce89d38c4d2ebef472b869ade473d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
server
sffe
etag
"1363 / 840 of 1000 / last-modified: 1665698735"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 14 Oct 2022 02:59:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 45CD
113 KB
37 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45b4f34e8f4435a45eeb521da04a936876432f13165e74ec4aede4456946b812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38105
x-xss-protection
0
server
cafe
etag
18020518282815495653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 02:59:54 GMT
pubads_impl_2022101002.js
securepubads.g.doubleclick.net/gpt/ Frame 1970
380 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131337
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:09:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Oct 2023 18:43:59 GMT
integrator.js
adservice.google.ca/adsid/ Frame EA2B
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EA2B
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EA2B
498 B
272 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3832864619656622&correlator=4038622894755747&eid=31069353&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665716394349&lmt=1644386353&dlt=1665716394011&idt=310&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=g2ddue47vf0l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1516936719.1665716394&ga_sid=1665716394&ga_hid=142979579&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f132a973ea704b2d682ff2073bf31224b7519d3e0ef262a7ebbecfe6083c4733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5de7fdd3b31bc574f06d24188c635e83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1DC
6 KB
4 KB
Document
General
Full URL
https://5de7fdd3b31bc574f06d24188c635e83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
Sat, 14 Oct 2023 02:59:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ Frame 45CD
352 KB
124 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e970382e02d531521354405d9d3692f50e9bd0cbd5bb9b5e624129311820e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127395
x-xss-protection
0
server
cafe
etag
2508583159567755208
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Oct 2022 02:59:54 GMT
integrator.js
adservice.google.ca/adsid/ Frame 1970
107 B
165 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1970
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1970
498 B
271 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4335230392098650&correlator=2793857776484055&eid=31068457%2C31070044%2C31070339&output=ldjh&gdfp_req=1&vrg=2022101002&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665716394417&lmt=1644386353&dlt=1665716394225&idt=167&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7wuvpz9hhfiw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2083004244.1665716394&ga_sid=1665716394&ga_hid=1744660786&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a91de114f6d3db0cee656b2caccb5835628782703dde6646cd1d6ce24b35381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1b451d5a6dcfee83c04085fd86c08048.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC86
6 KB
3 KB
Document
General
Full URL
https://1b451d5a6dcfee83c04085fd86c08048.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
Sat, 14 Oct 2023 02:59:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 9A3C
383 B
694 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e632965cc15b9c1628e699b787633bab843f6f2ae034163e6b7581ab36a5700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame 9A3C
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9A3C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08D0
29 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56591090d1e78778d8684a4b89aeff425aebd56127829d9bce64e117dc9fb065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
13014
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 45CD
383 B
319 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44685477318ab440b91414cd68b9686594148888b068d37213fedfcbb3b393f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ Frame 45CD
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 45CD
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 85DA
28 KB
13 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98ad33e187bcedb13bc46cdbfddb8890726d6666fbdf6f1d7043e811e04b84a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12534
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame EA2B
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3a50c61a47ace8c4e0cbf12fa00c17e69b430318d9613811ecc54368619fb8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11229
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1970
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101002&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
affa01b992a4b9ae9b35dae39848c8d83bbd73bb6cbcaed4be80c29ea0bad6b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11308
x-xss-protection
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
392957
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame DE72
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ovdYWXxtNS9BYit5cXQ2WnoxaDJnT1p4amJnMWRkTDgzMXRWRWVsN25rNklEQzJ0OTFpWmE3a054Ly9LVXlXZUlnQzZSazFrVXJPbXViN3BXR2tCMVpxTHZ6UG5WRGhURjBmRFVGVVZrN1Qyc1ZTV2NCTEtLTVBDbi9mSn...
424 B
695 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=ovdYWXxtNS9BYit5cXQ2WnoxaDJnT1p4amJnMWRkTDgzMXRWRWVsN25rNklEQzJ0OTFpWmE3a054Ly9LVXlXZUlnQzZSazFrVXJPbXViN3BXR2tCMVpxTHZ6UG5WRGhURjBmRFVGVVZrN1Qyc1ZTV2NCTEtLTVBDbi9mSnliR2R6cmxSTWk2NUxYS244NllFY1pMRmZsMDBWSVg4R0lucndKVEF5dUVnb3NuVEE1Y1FQQ3dRVWtlQzIrS0RuMTc3ZVdvSXRWYnp0OE43VGtnY0gxQWtFWFc5aTBJNjdiZm1oRk9VOTF3VGJURGRjK0tkYnpRUkpyYTRnM2c2ZisxVkNLVVB1OWQxVHVQMG53TkRSbzl1WHZlamVKSW1nVkRwT2pxRXgwWCtNblRqRURDbz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0c5d78d25212058f8eefa1f198348c51787a8640e3e7cc9c9305f80ccaabf0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1131909
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=ovdYWXxtNS9BYit5cXQ2WnoxaDJnT1p4amJnMWRkTDgzMXRWRWVsN25rNklEQzJ0OTFpWmE3a054Ly9LVXlXZUlnQzZSazFrVXJPbXViN3BXR2tCMVpxTHZ6UG5WRGhURjBmRFVGVVZrN1Qyc1ZTV2NCTEtLTVBDbi9mSnliR2R6cmxSTWk2NUxYS244NllFY1pMRmZsMDBWSVg4R0lucndKVEF5dUVnb3NuVEE1Y1FQQ3dRVWtlQzIrS0RuMTc3ZVdvSXRWYnp0OE43VGtnY0gxQWtFWFc5aTBJNjdiZm1oRk9VOTF3VGJURGRjK0tkYnpRUkpyYTRnM2c2ZisxVkNLVVB1OWQxVHVQMG53TkRSbzl1WHZlamVKSW1nVkRwT2pxRXgwWCtNblRqRURDbz18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
581275
content-length
0
expires
0
cm
c.holmesmind.com/ Frame DE72
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame DE72
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
connection
close
content-length
35
content-type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1970
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EA2B
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FFA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 13:37:29 GMT
expires
Fri, 13 Oct 2023 13:37:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1339
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf23c559d6f26279c232474dac2d56c65355263311c2a944b9c1bc7a7f26c7a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lAXb8PTgofT_W4v1hivC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lAXb8PTgofT_W4v1hivC1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
Fri, 14 Oct 2022 02:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=ovdYWXxtNS9BYit5cXQ2WnoxaDJnT1p4amJnMWRkTDgzMXRWRWVsN25rNklEQzJ0OTFpWmE3a054Ly9LVXlXZUlnQzZSazFrVXJPbXViN3BXR2tCMVpxTHZ6UG5WRGhURjBmRFVGVVZrN1Qyc1ZTV2NCTEtLTVBDbi9mSnliR2R6cmxSTWk2NUxYS244NllFY1pMRmZsMDBWSVg4R0lucndKVEF5dUVnb3NuVEE1Y1FQQ3dRVWtlQzIrS0RuMTc3ZVdvSXRWYnp0OE43VGtnY0gxQWtFWFc5aTBJNjdiZm1oRk9VOTF3VGJURGRjK0tkYnpRUkpyYTRnM2c2ZisxVkNLVVB1OWQxVHVQMG53TkRSbzl1WHZlamVKSW1nVkRwT2pxRXgwWCtNblRqRURDbz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
253104
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD61
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 13:37:29 GMT
expires
Fri, 13 Oct 2023 13:37:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 16AD
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52f6ef56d44988aa55901c57c20c53322a3d56e6bff17de864f240c5e5cd2b80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6AQ2gZ40MYoMalsHrBtMqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6AQ2gZ40MYoMalsHrBtMqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
Fri, 14 Oct 2022 02:59:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dcmads.js
www.googletagservices.com/dcm/ Frame 85DA
28 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 14 Oct 2022 03:20:39 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 85DA
35 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14245
x-xss-protection
0
server
cafe
etag
192306719259198832
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:08:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 85DA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:53:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 85DA
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:53:41 GMT
l
www.google.com/ads/measurement/ Frame 85DA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQhSF7_Zo5vD_SAGSOkNxThEeOcF9hJzl6SVP1GNlK-KMzkDxSy7sa4Iwl4YzxxHt6H_8v1rm6dSySHz_dqE0uwE0udw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85DA
152 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 85DA
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZSZ0qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBMwBT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAxdxx0MTA1TB4CC4fT7NLOjMbLd2jcz8zxBzeoJ8HLv3_KZh-IfYGMPyPwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2aYL0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=rUhvof96XyM&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 14 Oct 2022 02:59:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
281178
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D8FD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=YJiwT3w3U2dtTVhDMFRlZDJBRnVxVWQwaUFEVjFCc2I3dE92cm85VnR4c3A5T0tydWhxMVhLV3dSa3Rub3VIdVQyMDh6Q3ZBYlZPenFYejlWaXV1ODY3bjI0L0grUmpEY3BvbmVJVEh3cVRPMkJvL2I2REQ5bFdNMGlncl...
437 B
720 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=YJiwT3w3U2dtTVhDMFRlZDJBRnVxVWQwaUFEVjFCc2I3dE92cm85VnR4c3A5T0tydWhxMVhLV3dSa3Rub3VIdVQyMDh6Q3ZBYlZPenFYejlWaXV1ODY3bjI0L0grUmpEY3BvbmVJVEh3cVRPMkJvL2I2REQ5bFdNMGlnclRRNEx1dFdubDhVeXh0V3J6WnNlUXk3d01ZODBVa0wrbVlVdzd1N0pPaENxeGhxelM4a0NwSFBBa0hZNTNUYU9saUlPYWVzdXN3VHZ1K1ZlQUFIYlRrUVdpMGhEOFNrUWliVWg4SUdRY0RwS1V0VmZMVFVDUk5EY1FBc1VWWS9naDBHSFJkZG1DMXl0VUlKSHBtTWRSS3E5WUtYc01WMUxVZy9uMmRLc2p5T0lqUkVVTU1Cbz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
63e9ede37dbadd00ddc07e44d82b921a75e9e37887702c59f9f368c4e92a108e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1056969
expires
0

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=YJiwT3w3U2dtTVhDMFRlZDJBRnVxVWQwaUFEVjFCc2I3dE92cm85VnR4c3A5T0tydWhxMVhLV3dSa3Rub3VIdVQyMDh6Q3ZBYlZPenFYejlWaXV1ODY3bjI0L0grUmpEY3BvbmVJVEh3cVRPMkJvL2I2REQ5bFdNMGlnclRRNEx1dFdubDhVeXh0V3J6WnNlUXk3d01ZODBVa0wrbVlVdzd1N0pPaENxeGhxelM4a0NwSFBBa0hZNTNUYU9saUlPYWVzdXN3VHZ1K1ZlQUFIYlRrUVdpMGhEOFNrUWliVWg4SUdRY0RwS1V0VmZMVFVDUk5EY1FBc1VWWS9naDBHSFJkZG1DMXl0VUlKSHBtTWRSS3E5WUtYc01WMUxVZy9uMmRLc2p5T0lqUkVVTU1Cbz18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
358452
content-length
0
expires
0
idSync
sync.aralego.com/ Frame D8FD
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame D8FD
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:54 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame 1FFA
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame BD61
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=YJiwT3w3U2dtTVhDMFRlZDJBRnVxVWQwaUFEVjFCc2I3dE92cm85VnR4c3A5T0tydWhxMVhLV3dSa3Rub3VIdVQyMDh6Q3ZBYlZPenFYejlWaXV1ODY3bjI0L0grUmpEY3BvbmVJVEh3cVRPMkJvL2I2REQ5bFdNMGlnclRRNEx1dFdubDhVeXh0V3J6WnNlUXk3d01ZODBVa0wrbVlVdzd1N0pPaENxeGhxelM4a0NwSFBBa0hZNTNUYU9saUlPYWVzdXN3VHZ1K1ZlQUFIYlRrUVdpMGhEOFNrUWliVWg4SUdRY0RwS1V0VmZMVFVDUk5EY1FBc1VWWS9naDBHSFJkZG1DMXl0VUlKSHBtTWRSS3E5WUtYc01WMUxVZy9uMmRLc2p5T0lqUkVVTU1Cbz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 14 Oct 2022 02:59:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
259849
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 1339
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101002&jk=3832864619656622&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 16AD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101002&jk=4335230392098650&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

dcmads.js
www.googletagservices.com/dcm/ Frame 08D0
28 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 14 Oct 2022 03:20:39 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 08D0
35 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14245
x-xss-protection
0
server
cafe
etag
192306719259198832
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:08:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 08D0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:53:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 08D0
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:53:41 GMT
l
www.google.com/ads/measurement/ Frame 08D0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpRA6JyEPMIP4azvU0m3B8rE3jU3Q3_n38_Btg2FX52vOAWQH6iQdf1nQLWToAiDQzPL1Uvf5z61jxOeidSV5HZn6S2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08D0
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 08D0
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cd7ETqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBMwBT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlfMg_7ZFXsOAqyf_iQBwukAUuOJkSZdxRX_h92skYwDFz3cDqnQN7k-iswAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQl-UP0ggPCIBhEAEYHTICigI6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=on8b--o4SJY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 14 Oct 2022 02:59:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
impl_v91.js
www.googletagservices.com/dcm/ Frame 85DA
61 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 01:57:34 GMT
B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh8...
ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/ Frame A060
55 KB
26 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.102 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
af8391653468b8f1a1566ada1e215c582ed1d7b2ad0bdaef95eb2b2fedbe847c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26017
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 1FFA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?SSHGRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
impl_v91.js
www.googletagservices.com/dcm/ Frame 08D0
61 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 01:57:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 388E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
31515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 18:14:40 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 18:14:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 85DA
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
267c7336efa0ab2734218b98193b758e3209fe6dc5b58ebb754928d5726df86d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame BD61
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?z4u0Rg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh8...
ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/ Frame B401
55 KB
26 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.102 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
d657641956d6c2a087f535ecfbdfedd0f540c4b41549320e63ec46b3976c9f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26056
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 48DF
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
31515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 18:14:40 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 18:14:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 08D0
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
533baa9aa02deae3579e121163671ec1e62b7cea91a9793e912264a9794102f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAENQhFbD6_kmMIemAbo8Gw&google_cver=1&google_push=AZmPxg_WRKES_j3dX6DpQnGC17a6RlN1AXPdaEgD9derE0aq4tAkEs2LQVtMRAnjPiSyKWS2ZQHcp...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_WRKES_j3dX6DpQnGC17a6RlN1AXPdaEgD9derE0aq4tAkEs2LQVtMRAnjPiSyKWS2ZQHcp2mICBh-X74vVsRZWt-1bOINBw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_WRKES_j3dX6DpQnGC17a6RlN1AXPdaEgD9derE0aq4tAkEs2LQVtMRAnjPiSyKWS2ZQHcp2mICBh-X74vVsRZWt-1bOINBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 14 Oct 2022 02:59:54 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DDF7E75D7FC5470199D07E75360EFDC5 Ref B: YTO01EDGE0512 Ref C: 2022-10-14T02:59:55Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_WRKES_j3dX6DpQnGC17a6RlN1AXPdaEgD9derE0aq4tAkEs2LQVtMRAnjPiSyKWS2ZQHcp2mICBh-X74vVsRZWt-1bOINBw
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq9dII/s3eR0LSlEE8Qg==
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJTZTXmESq_1M5GUpzL0Ufc&google_cver=1&google_push=AZmPxg_ExWbhOstDS9YegEAMDJXDc5Uz4rCo4urkab8l0mefAIGJjFMF_WAFQKPQJvw9nANx2xCvyak...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEJTZTXmESq_1M5GUpzL0Ufc&google_cver=1&google_push=AZmPxg_ExWbhOstDS9YegEAMDJXDc5Uz4rCo4urkab8l0mefAIGJjFMF_WAFQKPQJvw9n...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=wJVQhnwSTs6PK32CvfYEx2NI0Ks
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=wJVQhnwSTs6PK32CvfYEx2NI0Ks
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:54 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=wJVQhnwSTs6PK32CvfYEx2NI0Ks
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEO8AQqwabFapi2uEv-In4u4&google_cver=1&google_push=AZmPxg8hTx0-qvkeZ2LH15toFay6aOLNxbCaFE01Sz6bVkdSm...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEO8AQqwabFapi2uEv-In4u4&google_cver=1&google_push=AZmPxg8hTx0-qvkeZ2LH15toFay6aOLNxbCaFE01Sz6bVkdSm...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AZmPxg8hTx0-qvkeZ2LH15toFay6aOLNxbCaFE01Sz6bVkdSm3vOWfQf7ewUbvhbTLwxoodlO_fMxS4GzrkBMORreGfOrG0cV9flow&google_hm=MDQwMzAwMD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AZmPxg8hTx0-qvkeZ2LH15toFay6aOLNxbCaFE01Sz6bVkdSm3vOWfQf7ewUbvhbTLwxoodlO_fMxS4GzrkBMORreGfOrG0cV9flow&google_hm=MDQwMzAwMDJfNjM0OGQwYWI0MTNiZA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 14 Oct 2022 02:59:55 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AZmPxg8hTx0-qvkeZ2LH15toFay6aOLNxbCaFE01Sz6bVkdSm3vOWfQf7ewUbvhbTLwxoodlO_fMxS4GzrkBMORreGfOrG0cV9flow&google_hm=MDQwMzAwMDJfNjM0OGQwYWI0MTNiZA%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJRHnd8XxcJ4WOGU4UsD1wg&google_cver=1&google_push=AZmPxg_76cpo2HKCvE0F11SXUeKEhQp23N5qCvXTgW9CM_hFuZthiZrtqErz_lV8zqvVpUlHJhOqNGMm...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJRHnd8XxcJ4WOGU4UsD1wg&google_cver=1&google_push=AZmPxg_76cpo2HKCvE0F11SXUeKEhQp23N5qCvXTgW9CM_hFuZthiZrtqErz_lV8zqvVpUlHJhO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwNDkzODEwNjc1MTAzMTAwNQ&google_push=AZmPxg_76cpo2HKCvE0F11SXUeKEhQp23N5qCvXTgW9CM_hFuZthiZrtqErz_lV8zqvVpUlHJhOqNG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwNDkzODEwNjc1MTAzMTAwNQ&google_push=AZmPxg_76cpo2HKCvE0F11SXUeKEhQp23N5qCvXTgW9CM_hFuZthiZrtqErz_lV8zqvVpUlHJhOqNGMmNfd50i5tcyyPKcpj31z5lA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEwNDkzODEwNjc1MTAzMTAwNQ&google_push=AZmPxg_76cpo2HKCvE0F11SXUeKEhQp23N5qCvXTgW9CM_hFuZthiZrtqErz_lV8zqvVpUlHJhOqNGMmNfd50i5tcyyPKcpj31z5lA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEO1ZwoQbLS7DF2J67NMj05w&google_cver=1&google_push=AZmPxg9KPu3oBjbEACDQWsbPwzosu7PRLWGdiPGM05vktpe7vhaoIf1zlrEJo8ypsbpBSVB1dq18jEVw5nk7RMSMBz4Gfwufk...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&mn_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9KPu3oBjbEACDQWsbPwzosu7P...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&mn_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9KPu3oBjbEACDQWsbPwzosu7PRLWGdiPGM05vktpe7vhaoIf1zlrEJo8ypsbpBSVB1dq18jEVw5nk7RMSMBz4GfwufkwFBtw&gdpr=&gdpr_consent=
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 02:59:55 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&mn_hm=MzA4NzE3OTk1MTQ1NTQwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg9KPu3oBjbEACDQWsbPwzosu7PRLWGdiPGM05vktpe7vhaoIf1zlrEJo8ypsbpBSVB1dq18jEVw5nk7RMSMBz4GfwufkwFBtw&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Fri, 14 Oct 2022 02:59:55 GMT
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESECnZkE68RBthug04M-yxEOM&google_cver=1&google_push=AZmPxg8-_ySveu1HnWSvkNbwQpay5xnhLTesWoBy5dVVi2Vt-bSxiJ0zFGEZHouUiHy0I2T4JY775VuIEuYHB6VrAcgGj4iYIPEiWQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8-_ySveu1HnWSvkNbwQpay5xnhLTesWoBy5dVVi2Vt-bSxiJ0zFGEZHouUiHy0I2T4JY775VuIEuYHB6VrAcgGj4iYIPEiWQ&google_hm=def9a84b659e32e4b...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8-_ySveu1HnWSvkNbwQpay5xnhLTesWoBy5dVVi2Vt-bSxiJ0zFGEZHouUiHy0I2T4JY775VuIEuYHB6VrAcgGj4iYIPEiWQ&google_hm=def9a84b659e32e4b38edf76d41dd1b7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8-_ySveu1HnWSvkNbwQpay5xnhLTesWoBy5dVVi2Vt-bSxiJ0zFGEZHouUiHy0I2T4JY775VuIEuYHB6VrAcgGj4iYIPEiWQ&google_hm=def9a84b659e32e4b38edf76d41dd1b7
date
Fri, 14 Oct 2022 02:59:55 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 388E
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEA5efQAgjFoTcl0brIe7Ca4&google_cver=1&google_push=AZmPxg9AIYyCB4ZImkO2Xv6sMlIYB8mW2EdteMG5-AugkkE1XXotX7LGUNUXgZREwPrIFDg8uAHEKjY5xzzyfhL00t7yNvD...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9AIYyCB4ZImkO2Xv6sMlIYB8mW2EdteMG5-AugkkE1XXotX7LGUNUXgZREwPrIFDg8uAHEKjY5xzzyfhL00t7yNvD4O820Pg&google_hm=NTYwNzk5N...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9AIYyCB4ZImkO2Xv6sMlIYB8mW2EdteMG5-AugkkE1XXotX7LGUNUXgZREwPrIFDg8uAHEKjY5xzzyfhL00t7yNvD4O820Pg&google_hm=NTYwNzk5NzM0MTY2ODQ4NzIyMA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg9AIYyCB4ZImkO2Xv6sMlIYB8mW2EdteMG5-AugkkE1XXotX7LGUNUXgZREwPrIFDg8uAHEKjY5xzzyfhL00t7yNvD4O820Pg&google_hm=NTYwNzk5NzM0MTY2ODQ4NzIyMA==
Date
Fri, 14 Oct 2022 02:59:55 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 388E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6VG0QHGPE9FUFS0khniZuKGopSJEqgqfXHxuE631utqapSgnALA8PBI4ye25CJAiWGvU_2A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394370&bpp=13&bdt=282&idt=159&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=1&ga_vid=1968788312.1665716389&ga_sid=1665716395&ga_hid=1465205857&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=3424980858&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880&oid=2&pvsid=1795106906936474&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p3ajemej8wmi&fsb=1&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
2096787193885194759
s0.2mdn.net/simgad/ Frame A060
49 KB
49 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/2096787193885194759
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e9fc8e92f03de032c64b3a9c690a2507b22bdb84eb249b3229b7bd5479f53c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 11:58:31 GMT
x-content-type-options
nosniff
age
54084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49858
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 16:55:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 11:58:31 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/ Frame A060
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4037
x-xss-protection
0
server
cafe
etag
4842123143989086801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:09:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame A060
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:51:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A060
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A060
0
575 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua6YHKgVI9iGCH4H81QnW7pag4x9fQSSYztPIX2t5GDR-J2-RczYggSzYJp1zxUCAuNJz8-vLU42C5ahoj9k777jmGNCeKUqxgWtTzzE04h1LpRfaRVkhogIh-Ay2WlAzWVxYpi5M3olo_jCvTMQ0&sai=AMfl-YQHyNr5P1GY8Tu4-Thh0om6f7H6MlENrTPXZvSqL7tFZYxpwR73RzImoCrzyJEmkQCnQvf1AzYhPcdF6zPHBwT9M7UBs6NTcMHJkJ2p&sig=Cg0ArKJSzElwB1vfIWy0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221012.11937&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A060
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 18:14:42 GMT
8200205318022760606
s0.2mdn.net/simgad/ Frame B401
47 KB
47 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/8200205318022760606
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
39ff6f3f6e8d487ca00ecf77b396371228be7873f89ba0d8862193a24b64aeb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:27:10 GMT
x-content-type-options
nosniff
age
66765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48153
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 16:52:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 08:27:10 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/ Frame B401
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4037
x-xss-protection
0
server
cafe
etag
4842123143989086801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 19:09:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame B401
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 18:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 18:51:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B401
152 KB
46 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B401
0
63 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsum2xOK2cG9WSitj9_kstyRxRlkeq-h4j3Nx3CKTMnfqUtaF5P58pQyYiUM0K6G6h3YK1XAOB-WjpJX3Fdrd6y5IZHBzarLqvQBcSsvqST6Mr8tNgSAPdLAuo_EklXSw4g0fptI3kanCYA02WYry6A&sai=AMfl-YQ-I5pk7wfcvc7SNyLs-1KxoBm2eLsgXL9AJzpNvuhfJey3tAS3kb9-CEUMC3ge8Ye6KjoFwILY6IeK0htFkwYltN-m9HBuXdJumVN9&sig=Cg0ArKJSzFVXIwUSvpFdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221012.13685&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B401
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 18:14:42 GMT
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEODY2vMGpgzx1sUzOzH6sKI&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjY5OTg1MWUtYjU0Yi00YWZmLWFlM2MtYWIwYTkwNDZhNmYw&google_gid=CAESEODY2vMGpgzx1sUzOzH6sKI&google_cver=1&google_push=AZmPxg95...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjY5OTg1MWUtYjU0Yi00YWZmLWFlM2MtYWIwYTkwNDZhNmYw&google_gid=CAESEODY2vMGpgzx1sUzOzH6sKI&google_cver=1&google_push=AZmPxg95aiUfaqcTJ43Mqip70P8tkFXSgt5G2D9W-M_M68J16JfTf2UkJn2SIB4hkrxD3vQ3D_0_OQTHwp4Zlz6qeo52wmWVQSg2I35_rzDlAa939JdmHvtW3c60DwWZIQJ-AcKeJ6hwZm067qTjnDONLkI
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NjY5OTg1MWUtYjU0Yi00YWZmLWFlM2MtYWIwYTkwNDZhNmYw&google_gid=CAESEODY2vMGpgzx1sUzOzH6sKI&google_cver=1&google_push=AZmPxg95aiUfaqcTJ43Mqip70P8tkFXSgt5G2D9W-M_M68J16JfTf2UkJn2SIB4hkrxD3vQ3D_0_OQTHwp4Zlz6qeo52wmWVQSg2I35_rzDlAa939JdmHvtW3c60DwWZIQJ-AcKeJ6hwZm067qTjnDONLkI
date
Fri, 14 Oct 2022 02:59:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncAdX
rtb.adentifi.com/ Frame 48DF
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEMscXqZ2VGiwEz_bh9Crtl4&google_cver=1&google_push=AZmPxg_G3-R1o763ZyuJhqPzTzgY3TcgZcaq_EHpwSnNW7m0A13iFY0nudB2xPnXXjG5XayaFrdNeMyara-4J4SxXZPljjEDEP4mVfbetLjIdj9HrWwJ03gBGZPN1EceV47-Mc_XJdEfMg77KvvUATFePs8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.159.16 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEHYWso-8l9I-WQ0_zvi36uk&google_cver=1&google_push=AZmPxg84g7FJy6KVmxPVOCUnwgJ1BSS0O8pUhddpqBfkebTRkmtBqQqinY7xVknLT9V7q4l-hsN4GrbNbmZK...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AZmPxg84g7FJy6KVmxPVOCUnwgJ1BSS0O8pUhddpqBfkebTRkmtBqQqinY7xVknLT9V7q4l-hsN4GrbNbmZKMDJXKAb1zfrsb6JxfCxiVqwx39OqtUx3r_JymH2T60Dlka...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AZmPxg84g7FJy6KVmxPVOCUnwgJ1BSS0O8pUhddpqBfkebTRkmtBqQqinY7xVknLT9V7q4l-hsN4GrbNbmZKMDJXKAb1zfrsb6JxfCxiVqwx39OqtUx3r_JymH2T60Dlkacb0Jx9Qdiwgee5Air6RiD13Lo
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 02:59:55 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AZmPxg84g7FJy6KVmxPVOCUnwgJ1BSS0O8pUhddpqBfkebTRkmtBqQqinY7xVknLT9V7q4l-hsN4GrbNbmZKMDJXKAb1zfrsb6JxfCxiVqwx39OqtUx3r_JymH2T60Dlkacb0Jx9Qdiwgee5Air6RiD13Lo
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
249
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOBHmBzf0KmZBvOqQzlLtqY&google_cver=1&google_push=AZmPxg89fJuRGFlCFCSMmTodi4Eb7AJnmqP-k0xhtBtEX2Rvt4p2LiH_8y8Mp9aH1ZtShUHh7MimAJdqmrpC-vX6hPWXQsJTC6GKH...
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOBHmBzf0KmZBvOqQzlLtqY&google_cver=1&google_push=AZmPxg89fJuRGFlCFCSMmTodi4Eb7AJnmqP-k0xhtBtEX2Rvt4p2LiH_8y8Mp9aH1ZtShUHh7MimAJdqmrpC-vX6hPWXQsJTC6GKH...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89fJuRGFlCFCSMmTodi4Eb7AJnmqP-k0xhtBtEX2Rvt4p2LiH_8y8Mp9aH1ZtShUHh7MimAJdqmrpC-vX6hPWXQsJTC6GKHWDB7XLt04x2S9uLbd8fFb0vzPgFDQ8X8F...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89fJuRGFlCFCSMmTodi4Eb7AJnmqP-k0xhtBtEX2Rvt4p2LiH_8y8Mp9aH1ZtShUHh7MimAJdqmrpC-vX6hPWXQsJTC6GKHWDB7XLt04x2S9uLbd8fFb0vzPgFDQ8X8FE0bZUiM8qQjvG1v8gU-A&google_hm=FFBendpFzQQnVRrveO6g_A==
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg89fJuRGFlCFCSMmTodi4Eb7AJnmqP-k0xhtBtEX2Rvt4p2LiH_8y8Mp9aH1ZtShUHh7MimAJdqmrpC-vX6hPWXQsJTC6GKHWDB7XLt04x2S9uLbd8fFb0vzPgFDQ8X8FE0bZUiM8qQjvG1v8gU-A&google_hm=FFBendpFzQQnVRrveO6g_A==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
m9uu3i3ksp215sc9jgrlsmjtgj5b5kko
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEwt3zZxlN0k5J6qTc26kkw&google_cver=1&google_push=AZmPxg_hb0QuxGa7QRtyfRtdJnfJy--f5u0rj22wE_maFI2DIbxg3wowQOePppLgUOqmWcArEurQEjgPnz-At...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEwt3zZxlN0k5J6qTc26kkw&google_push=AZmPxg_hb0QuxGa7QRtyfRtdJnfJy--f5u0rj22wE_maFI2DIbxg3wowQOePppLgUOqmWcArEurQEjgPnz-At...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_hb0QuxGa7QRtyfRtdJnfJy--f5u0rj22wE_maFI2DIbxg3wowQOePppLgUOqmWcArEurQEjgPnz-AtEzmtN9htCKzaL4W6PTlec5_fWPgYygRV35SMhUnQAuCfb_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_hb0QuxGa7QRtyfRtdJnfJy--f5u0rj22wE_maFI2DIbxg3wowQOePppLgUOqmWcArEurQEjgPnz-AtEzmtN9htCKzaL4W6PTlec5_fWPgYygRV35SMhUnQAuCfb_fxZR1jAqMS5EEfuRu0sGntjE&google_hm=VTRfTS1PaHo3ejFNQ1FSUlRYMXo=
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Oct 2022 02:59:55 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg_hb0QuxGa7QRtyfRtdJnfJy--f5u0rj22wE_maFI2DIbxg3wowQOePppLgUOqmWcArEurQEjgPnz-AtEzmtN9htCKzaL4W6PTlec5_fWPgYygRV35SMhUnQAuCfb_fxZR1jAqMS5EEfuRu0sGntjE&google_hm=VTRfTS1PaHo3ejFNQ1FSUlRYMXo=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGjNs3C6dhRCIz5zBNND_qc&google_cver=1&google_push=AZmPxg9SOpqqddONR6ro9IxKazKBTLa4rE8irWIjKv4OFT3HRY6JS3WWIG3dqpEgcnEgSidOI9dQSKv53NghZU6S4gGRVK...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGjNs3C6dhRCIz5zBNND_qc&google_cver=1&google_push=AZmPxg9SOpqqddONR6ro9IxKazKBTLa4rE8irWIjKv4OFT3HRY6JS3WWIG3dqpEgcnEgSidOI9dQSKv53NghZU6S...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tADezQi5SiiKlZ-t7E6ymg&google_push=AZmPxg9SOpqqddONR6ro9IxKazKBTLa4rE8irWIjKv4OFT3HRY6JS3WWIG3dqpEgcnEgSidOI9dQSKv53NghZU6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tADezQi5SiiKlZ-t7E6ymg&google_push=AZmPxg9SOpqqddONR6ro9IxKazKBTLa4rE8irWIjKv4OFT3HRY6JS3WWIG3dqpEgcnEgSidOI9dQSKv53NghZU6S4gGRVKLDiiA-NEU3iGQfN40Ju6edse1kn0YaJAcoapCjITT5jsQwdYCZsj1-468aQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=tADezQi5SiiKlZ-t7E6ymg&google_push=AZmPxg9SOpqqddONR6ro9IxKazKBTLa4rE8irWIjKv4OFT3HRY6JS3WWIG3dqpEgcnEgSidOI9dQSKv53NghZU6S4gGRVKLDiiA-NEU3iGQfN40Ju6edse1kn0YaJAcoapCjITT5jsQwdYCZsj1-468aQg
access-control-allow-origin
*
date
Fri, 14 Oct 2022 02:59:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 48DF
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJsyFjLYTe0KLEHPGepzFSA&google_cver=1&google_push=AZmPxg-vy4vryqbwKki9tQq2mjZWpsjjcXDbNXKJcHkCEoQZ3G5-xXaIO5lWOPtmtGgRCAFh0Cf5tTy5...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJsyFjLYTe0KLEHPGepzFSA%26google_cver%3D1%26google_push%3DAZmPxg-vy4vryqbwKki9tQ...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1418115485428064156&exchange=193&google_gid=CAESEJsyFjLYTe0KLEHPGepzFSA&google_cver=1&google_push=AZmPxg-vy4vryqbwKki9tQq2mjZWpsjjcXDbNXKJcHkCEoQZ3G5-...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0MTgxMTU0ODU0MjgwNjQxNTY&google_push=AZmPxg-vy4vryqbwKki9tQq2mjZWpsjjcXDbNXKJcHkCEoQZ3G5-xXaIO5lWOPtmtGgRCAFh0Cf5tTy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0MTgxMTU0ODU0MjgwNjQxNTY&google_push=AZmPxg-vy4vryqbwKki9tQq2mjZWpsjjcXDbNXKJcHkCEoQZ3G5-xXaIO5lWOPtmtGgRCAFh0Cf5tTy5B6Xnt1_lkXJdumdIxx_6N1QYkMPFCxMjWr2RDcemlU0sTdfRAx6VKiNtKgzvRXVijmPNCjdMzj_H
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE0MTgxMTU0ODU0MjgwNjQxNTY&google_push=AZmPxg-vy4vryqbwKki9tQq2mjZWpsjjcXDbNXKJcHkCEoQZ3G5-xXaIO5lWOPtmtGgRCAFh0Cf5tTy5B6Xnt1_lkXJdumdIxx_6N1QYkMPFCxMjWr2RDcemlU0sTdfRAx6VKiNtKgzvRXVijmPNCjdMzj_H
Date
Fri, 14 Oct 2022 02:59:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 48DF
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSQzj3EGu7LVGNxRQ5r6N8xgj0p2zZxCw757N-72cNm1-byDzrlKPuS_1JPUE1xYAnOjPrrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242783&pi=t.ma~as.2784%2F12679&w=300&lmt=1665716394&url=https%3A%2F%2Freurl.cc%2FXV1QXD&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665716394196&bpp=15&bdt=367&idt=254&shv=r20221012&mjsv=m202210100101&ptt=5&saldr=sa&correlator=6302531720354&frm=23&ife=1&pv=2&ga_vid=1968788312.1665716389&ga_sid=1665716394&ga_hid=1702346906&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=1487083813&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069972%2C44774292%2C31065825%2C31062930&oid=2&pvsid=4289689248345994&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.84mlsvcc88xn&fsb=1&dtd=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame A060
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f6e430adccba1a608fbba80734cd0f659576b38784c4e97cb310bbd40a9294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5657
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5B3D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
463513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 18:14:42 GMT
expires
Sun, 08 Oct 2023 18:14:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B401
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c07cc04fe7b5991dc6d55256e04fdda62ee81b6b0d21b955ef437721511efa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5637
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC6D
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
463513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Oct 2022 18:14:42 GMT
expires
Sun, 08 Oct 2023 18:14:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A060
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua6YHKgVI9iGCH4H81QnW7pag4x9fQSSYztPIX2t5GDR-J2-RczYggSzYJp1zxUCAuNJz8-vLU42C5ahoj9k777jmGNCeKUqxgWtTzzE04h1LpRfaRVkhogIh-Ay2WlAzWVxYpi5M3olo_jCvTMQ0&sai=AMfl-YQHyNr5P1GY8Tu4-Thh0om6f7H6MlENrTPXZvSqL7tFZYxpwR73RzImoCrzyJEmkQCnQvf1AzYhPcdF6zPHBwT9M7UBs6NTcMHJkJ2p&sig=Cg0ArKJSzElwB1vfIWy0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=388&vt=11&dtpt=386&dett=2&cstd=0&cisv=r20221012.11937&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4286046256;ord=38aemi;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCznA1qtBIY-GyI-HtxtYPzfOSoAnXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CbQ0HzQ4_uBeyXoj7UtLdZSsr98bnPOtDgkJ6gb-tdF_4SJ_7Vx0jtodPNMWUo_X_JRJNT16tYv41k3PrA4mPXTqXO2-g9p_qz5biqDzpFKrH1qxad4PYsqfpNHLkzGz1uXp-ISaqWnjRD0XApUUBJ3AuzVR4VOn8IVCjNkzuGRex3jdq9xjG1mxwSz51j7vP93BlSO4c5vmbOLhCjgmAAh95QQkk7Bnu821fH_tuvoxA6JyuqXSeOBLW2RAzSBtHnpka1ajJV7yIPv6erwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3GuLrmZgsPWCZvELZrajoL7ebRsA%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=83;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A060
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 45CD
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d84456057bc43af7cfea53539d504d119b54815338ace55ad6c0483b1eb83a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11050
x-xss-protection
0
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 5B3D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:53:17 GMT
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame BC6D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:53:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B401
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsum2xOK2cG9WSitj9_kstyRxRlkeq-h4j3Nx3CKTMnfqUtaF5P58pQyYiUM0K6G6h3YK1XAOB-WjpJX3Fdrd6y5IZHBzarLqvQBcSsvqST6Mr8tNgSAPdLAuo_EklXSw4g0fptI3kanCYA02WYry6A&sai=AMfl-YQ-I5pk7wfcvc7SNyLs-1KxoBm2eLsgXL9AJzpNvuhfJey3tAS3kb9-CEUMC3ge8Ye6KjoFwILY6IeK0htFkwYltN-m9HBuXdJumVN9&sig=Cg0ArKJSzFVXIwUSvpFdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=352&vt=11&dtpt=351&dett=2&cstd=0&cisv=r20221012.13685&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N46002.4004367FIVECOOKIESDIGITAL/B28652088.347319954;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=1117177279;ord=lv4s57;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DC8yScqtBIY8TmIYWZxtYP5Ne14AbXh873bMWTzsTIENS5jrigDhABINLMgRpg_eiigfADoAHnvY7OAsgBCakC7DcB9CUZgT6oAwGqBM8BT9CQlgBSohFzy2wXTo3pSSp8zUSbgDp2NowA4bCJYVc1AIu9V94cyUvblIMHB8-c9yBBylYtMCSvPldDoSc9XSt6VNj3Yn1sH870FhpasmmmGTXb1QU5t_RhYbmwMUOw_9hWllUTyrZTeD-g1QM4fpD7ZoOlcmq_mIJ_RwIaKGAgaX8DKPi_0LQl2yjHr3y-aeWbbXm7ujR5RoQPfMgE70SlPsoefxysY6vuGoY68XTKCSYPMm8bS8Tsn1EVPlrN6B1rUh4h1scoTFAjAksdwAShqdepmgSgBhGAB4HC8bEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA5gLAcgLAYAMAbgMAdgTA9AVAZgWAfgWAYAXAQ%26num%3D1%26sig%3DAOD64_3Xnrliu5if6exTBUaPPASGBf-WhQ%26client%3Dca-pub-4485239425924787%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=6,https%3A%2F%2Freurl.cc$2,,,,,https%3A%2F%2Freurl.cc%2F$0;xdt=1;crlt=ke1VH.BQRZ;stc=1;chaa=1;sttr=103;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B401
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221012/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9A3C
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
400e1bd26e029c5f5715dc6ce9babcecb86861d2ae034c5174aa14f20fe4ebce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11067
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 45CD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A3C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Oct 2022 02:59:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EA2B
0
0
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame D1B1
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame D9CF
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1970
0
0
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A09
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 13:37:29 GMT
expires
Fri, 13 Oct 2023 13:37:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9344
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2aa813a75447774ff6d4079725356b152e26e8dab24e61945e18c475621b01d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YCfDZDoiD25Vqmls6a8mdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-YCfDZDoiD25Vqmls6a8mdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:55 GMT
expires
Fri, 14 Oct 2022 02:59:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB1A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 13:37:29 GMT
expires
Fri, 13 Oct 2023 13:37:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5ACD
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
392654ef99155d9eb30d0458073e5e0a0c49276402d563b13b4378c4af6c03e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pLTKP_V1gXJVmCJYhj0Otw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-pLTKP_V1gXJVmCJYhj0Otw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 14 Oct 2022 02:59:55 GMT
expires
Fri, 14 Oct 2022 02:59:55 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9344
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=1795106906936474&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame 7A09
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5ACD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=4289689248345994&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
pagead2.googlesyndication.com/bg/ Frame EB1A
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gGH5MXBYpKK8b4jYkKtywiBl7RPPQJG6QKYwKihakJE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8061f9317058a4a2bc6f88d890ab72c22065ed13cf4091ba40a6302a285a9091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15922
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 18:57:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B3D
0
20 B
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC6D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0Gxzq9BIY4f7C7adoPMP1pSAoAoAAAAAOAHgBAI&bg=!3d6l3prNAAYeOJy_Pjg7ACkAdvg8WiudsT-9tld_xaVUAKMyHeHLa5-I-lCOuAQh6YXwcYg7wnHmMQIAAAE_UgAAAAJoAQcKADxPHDwsjIkHj0SYsZRU33j9dd610tHDA1H2NO05NE5QhzqdL1B0ODWoaol6l4U93NZHQiLZ3rx20b8RFnyZA0PmN81SnxDJeQfJCWdZOkDb6pKJ6ykggCl-jtvOGDjlG-FeVCrno2lgoaGRDXRfZoJbv1Om3mtF4yBU9Ap-Prb0bczsznlj3uLO1kl83tYkM9xcaIl1RikSf6V4YjXj9CTx2F0SL6kM9VC_cTI3Wnm-E0dpEJ15Oab4VobEdocQ8RvUMY7k63_ZGrhn10Y7KGH7Qeckx0xiaXFrr4ak3-cSSo3GQGP-ky8wGz5N3tY-zUF0DhnhzvROBIG9q755SPutvVb588MUj7Foi4J4nMr3tPfXbTSChOAln645oCgBm9qX8z5Dtwlyw5fDO0qcZ6jsMw0NrVbTzH0I4oH8Wjok5kb0CUl6UtNxEpOwjof5dY1Wbx_q4uSuchGB4Mbt8scKorKIWdOPMfoDl8084Lsinm9Uy4Mb972bi3QGE2ak8X_andPzQAdkPHYb5QlJ7wv8s8KsdSQiyZ05lwBOUT-wN5_IBJ_iEODA7w_9cRK8HE37863TEtw9dBXw6z7HuXOkeWlJ0QQH3pOkOo8am-3q80wezxkMGionVW7manurqnRTf6mtSYMla4cpRVFYyv6ixJDuSP5fwl9ckCqvgoBlS5sMHgn3bc1sIjdzyOxUl2J80SR0tDme1rdANnCvTLzx039gXqnOhXD97oZm1wFEABW99kakyWZ88h3hyi2XvcZ3foSAbXcQ21jjtw246OBnF9cCm5j6rfgkKU686qAZwIIFNMVCOIBULcKMG58djLvMiUPO_LXFO-ZIhbK7ncXh9ZqFlNikg1-Cdz9832aEq9fxi_hUdEpGTA-MACBquFlNO9VoRvWbmfohN9R2ZOdAknvf9ydJD9p2NZkUl0jipAfjKgkc4F2sFdwimkHVbosIACyCMJF0jakUO-sywDriPVgpAeWAJ12cgRrEv_fd0YpSiJNtZpJMMsrZ7sQktjx6xz93OUcZNh_iZRQVGUTePpx0ymsRIuPIj6SsOmj5ebLlGiu2WBmk8TRwlsPsJ0TV-QgPNPk4Q4WMBUIBraHutcrrLMs5I_sMoKQ282TKdwnEl-_Sn5sl29iqc0mjY_WXPzEo9ghlKCIk_gqgvdrnyFcktaLqzsqjKb98Gwvwd06X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 85DA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcpvE4rivSx0qXPdHffy5AkPdRgcm_h8hfng7S7_gOGCwcjjN6orJspDo5blU-mL1pzen08zP1TV5z_dwbEI8rSLYwfpDENPO4piLqlgC0JboWc7Gy1XzBwRUpMQzvlxNGn4xoYUTHi4FT9RnPfqaW-HXNpSamJ6Drafswq8jEXJhb1s6YLYIrQVOWhJrmzR3ixcd0RHiCwuFK_AnhPtyhkF-dYGcvtO_gIPkZtSMhuRuEunwB9wiA9hCty4Og0FPVpvOmXiPTfEl-wJceVUpJ0Rm_Mfy4fDOQS1vB8QBNWRIP-OF_vVmJA8ne-MCw5rB0lf_kARItYNXNQY1Nl2cNvy9rFKXsp56nNjkyA6WpH9_cxjN15LRRLGC8lDi2q4NQN_sIlLYeJIgHyXl6MbRSxR6p3KHedt7XebB1ugA0h0TzPSFxedX1pMv5_NkrGd3XQGdfFEhjGhtpxrNxiuRFwNs4PDec_oofozuSETxjOBkxoeNSJGnPLGLp9xBog3EqrlyECaMoMNwlzedpHG_G7BC-4ITEMqpobFvUWEoKXiB_UrZVKUlsaoaAOphO7RCgA1ENsjkeOCN8zUAl-7piq7qd44l9kgTARK5H5kozrdSfq4oy2BY3tnUeFocfYaAR7T_tN5N2WTZTw7gqyvZRz5fP81NXccQ3BWqR-GInmmRIA7ES9mGe_4bJ3--EjfaXfAgAZbvo_UdEEn-gwOU0vZqrTbYZ3pcLC-kaC-GiR1upt3jd6mmBz5D0LgVI2vWczKS2iLmnt503C00RuhWdTP5YaIxikdGkwbUsEPK1I-9Beyzd5k1NmO9vw8MMfFlrXxfbQbFfpHYAXGCzJmXErMwQSKoqNIctZrMfbWH630883gt-RDTCPOiXn0h8nwdWs6hxoBMPMfhbq4p7yJsovAmWkAqws6d_UV3H09wIDfUgOQXIP5XNdpY&sai=AMfl-YRQBzJxFDrzod_54mAZgfzYSpcCKjse9TCxu252UJ9dfek8SUcMvmN-99VKhtjTrzEkPxBOOUfXVk2z7Kk3ALIg-4_YgprV2mlON53eUvAoZp8g-8L-T5A&sig=Cg0ArKJSzPmTWJ6FFf9SEAE&cid=CAASFeRo95Jw365QfKbWbKTHwVJPfXCvCA&id=lidar2&mcvt=1022&p=0,0,250,300&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665716394547&rpt=550&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 08D0
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPD4iLBiLj1yyZjgp1WO0vyHhmd24Vx6DV3fuq4tZIPJN6V0Qtzwg8Dsk1skCa2XSc_Rxnlpx6Mwg53dFLnq_MJKukBPiGJxHLOWg9lvykO3TclKu--yhWfeaxNtCxVx8xD2ketSe9OGdEFAWXzqiqT7jxN5-D4hELhoJQLjK5USFjhY4CjmBSRgmesMR24lR2Uum4Sqwe3JZ5YVzyPI43PFKMEJGC36BK12t1Z7C8R9F_ZdJi8oe24LWqNRG9s7gXlideZ11Ci0XWfhgHdME2AAYSByETF62AkaPAdRIJ3iKJdLeYQNJDUayYzGQkn7pY3A21rP8qRpwDKJPNcCxsgDaw_v7wQuahat_EvDjPBRn2_Mwd3nd_jlDS2L5p-QGwEVPHslQTbWnD3EtHY8IhI7sxTdlb6sI_UnnNIMn_xXH8TSBIK1hIWxMUAUf2pR9OKNsqXEpiaukqjSiY1rPhFeifVuEL1mcliFSz_vdEC_qjd_y0QH-qe7CTOiEI54IzigpY6TPiJAWDrutb6umD2NWMGDbUsPabrGErU0e0TYDDMy-5d7s4H1DHJPWHGBxYDN-Yv87fwHhv7_OjyzwCr0GYSdUBwBVen2eQb9RtEcmUTQUNn4_UoPoSNBUfkBYD2-46e0aAd18U-F0wrV5J3CI-p_ioiZMWjbcW5_TclptLwdbAAi0P05ZlOdAun0U0aTI0P_d6faMACUWoA_LAXykgeOIjevcWmks1Qk37xOKkVXdCrwKrtRXsqxViyqK6dJ3SPmEObNlzfi1cKSlO-Q8GmUjpDrTVUd6gYNvCfv_-z3vtppFN3za8ZIrKrUAVT_ugR8oNvRvVO5QQ8xPfusLE4_VCpuVw27mpvHxHz8C6VGbsLG4HyuJyKv8iXGqhj4RnSJf-vo26mTKDUrclMwzj3pNz1jDIR6tljecfFDXMl4uo5XRg99M&sai=AMfl-YRbBgMLLvHec2rCxKSb3Rh-4u2N4tEajIo5dVc0CjyPZ9FCHS2rlQeLnyWKtWs_S-4JBfQ0ewqkxRbpM7-3zRyHCRvckZmNNfntcj0dnnWaspCABeIKd_M&sig=Cg0ArKJSzK7iHFYq-8D_EAE&cid=CAASFeRowhDy6M5hh6YQnTuuLAn0ONUhqw&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665716394473&rpt=732&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 02:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7A09
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?XxTT1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame EB1A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?M4-yrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:59:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| SD object| device function| sitemajiDebugger string| adUnitType number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| Scupioads function| hasOwnProperty object| scupiosdk object| ElandTracker function| stfpjs function| cookie_mapping object| hitag object| criteo_syncframe_state object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

58 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.1968788312.1665716389
.reurl.cc/ Name: _gid
Value: GA1.2.704163967.1665716389
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1665716389915.1987427224
.prnasia.com/ Name: __cf_bm
Value: NLQQmwtHyzKEglrSIIcDo7kQHCNW3OgkpZbo8vnNurA-1665716390-0-AYnDuHka6cJQmzZOsKTVmnrs3/q7AQ1J28cHmbmAbfsE8DaAQLdB4JgjrTKTnWqDiw5AyKgLoNVcTR18fJ1XLdM=
reurl.cc/ Name: CFFPCKUUID
Value: 154-PMhpMJq9xZ4lanKHCbZi9Bhw0A5qoWlY
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 9930-O7FxOh0PIzphpAWD4YicvyKtQfcPYNXD
.hinet.net/ Name: uuid
Value: bedd9837-c12f-48b4-953f-f01adb33b669
.reurl.cc/ Name: _ht_a546ca
Value: 1
.holmesmind.com/ Name: P
Value: 803857-UCqrKGMTpGN6tgesctC8wZGQWgEuiZHD
.holmesmind.com/ Name: Vision
Value: 20221014-23:59,20221014-13,20221014-13,20221014-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: __htid
Value: bedd9837-c12f-48b4-953f-f01adb33b669
.reurl.cc/ Name: _ht_50ef57
Value: 1
.c.appier.net/ Name: _auid
Value: zcamCGp6CKaos3IKp9BIYw
.criteo.com/ Name: uid
Value: daa928f7-ec0d-48bf-a2ca-0a22e035a1ba
.holmesmind.com/ Name: fcm
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUndpibL_DY9-0pEsEUZayT54mrQoEGEwsLXR2cs8bQIFjkUmhNGUmC_-l_0pHU
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.scupio.com/ Name: fxc
Value: 1
.scupio.com/ Name: gx
Value: H4sIAChBSWMA%2fxNmYGDg4ua4d%2frQ%2bmPPplkLsAqxcNgLMAEAjXURURcAAAA%3d
.reurl.cc/ Name: cto_bundle
Value: __HnkV9rZSUyQkh4R0tQaXF1Q2Fxd2NHUEViOHlzRGNwSDFSUzd0anMwc1l6MlNFTlRSV3VoZzB2dHhXYWFrT2JjckNseHI1czNXaXpJTjRqZFVBTkVGNHNkTGo3dWM3cURYbEZoWTI5c3E0Q3ZTS2hNeTdNOUFxbm5xNjV2ell6YWRsc3IlMkZWTCUyQldZTHF1MzhiQTN1WnBvT0FkeXclM0QlM0Q
.aralego.com/ Name: sspid
Value: 496989d7-73a9-365f-b6b4-74e9af5d1698
.yahoo.com/ Name: A3
Value: d=AQABBKnQSGMCENvSQGgszk_j_1tC32BVM9AFEgEBAQEiSmNSYwAAAAAA_eMAAA&S=AQAAApbky8rHNlottwMQXKMD7_8
.adsrvr.org/ Name: TDID
Value: 40119fd7-2a7c-4b79-8553-8cb8561cec75
.rubiconproject.com/ Name: khaos
Value: L97WJ767-1R-5CUJ
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCOTHq7rG5pY7EAUYBSACKAIyCwjGs9Lk3OaWOxAFOAE.
.bidswitch.net/ Name: tuuid
Value: 668a335e-574c-4de9-8572-33609c7eb8db
.bidswitch.net/ Name: c
Value: 1665716394
.bidswitch.net/ Name: tuuid_lu
Value: 1665716394
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&699d5b23-3806-428e-8f06-963d4937f279"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2890:u=1:x=1:i=1665716394:t=1665802794:v=2:sig=AQEd6DK2ESXS9NMYB_ZtddjM0d-OKLdc"
.scupio.com/ Name: gxc
Value: 1
.mookie1.com/ Name: id
Value: 10610058510660471703
.mookie1.com/ Name: mdata
Value: 1|10610058510660471703|1665716394171
.mookie1.com/ Name: ov
Value: cc56241d7d0be05898e249a438c72c30
.tapad.com/ Name: TapAd_TS
Value: 1665716394244
.tapad.com/ Name: TapAd_DID
Value: e1872ca5-f179-4c9b-82f9-2a7fe20cbe64
.scupio.com/ Name: OrgKeyValue
Value: CIA20221014105952993756
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.scupio.com/ Name: uxc
Value: 1
.mookie1.com/ Name: syncdata_TAP
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A6MsKVJiU05Gkk1m_i6A3t8
.agkn.com/ Name: ab
Value: 0001%3A1rFG%2BK86l3THwv3NwKiYHsww5tVNWYnb
.mookie1.com/ Name: syncdata_NEU
Value: 1
.reurl.cc/ Name: __gads
Value: ID=10615b8e5672f227-22703659b0d700f2:T=1665716394:RT=1665716394:S=ALNI_MYY3rOqDyxxLSlKhy5Eu3yiyQnVYw
.reurl.cc/ Name: __gpi
Value: UID=00000883517cf202:T=1665716394:RT=1665716394:S=ALNI_MZDmP_BzqfXeTFvBHkUBcOXBLum_g
.rubiconproject.com/ Name: audit
Value: 1|fXCzujVG5htb7GhFCRtuj09ECkgOV0iSubtluxeVp/oeECEUBMheiqDOWope40t5KajmZXE1zhrqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.scupio.com/ Name: rubiconid
Value: L97WJ767-1R-5CUJ

3 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 111)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
