Submitted URL: http://reurl.cc/oQ84A
Effective URL: https://reurl.cc/oQ84A
Submission: On November 10 via manual from PH — Scanned from DE

Summary

This website contacted 53 IPs in 10 countries across 43 domains to perform 331 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 261904.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
whocall.cc
re-news.tw
youtils.cc
stockinfo.tw

Subject | Issuer | Validity | Valid for
reurl.cc | R3 | 2022-09-23 - 2022-12-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
*.t.ssp.hinet.net | | 2022-04-14 - 2023-04-14 | a year
feebee.com.tw | R3 | 2022-10-25 - 2023-01-23 | 3 months
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2022-09-26 - 2023-10-27 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-19 - 2023-06-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-08-20 - 2022-11-18 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2022-10-22 - 2023-01-20 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.aralego.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-19 - 2023-11-19 | a year
*.creativecdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-17 - 2023-04-12 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-31 - 2023-01-26 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-11-08 - 2023-02-04 | 3 months
re-news.tw | R3 | 2022-11-01 - 2023-01-30 | 3 months
tls.automattic.com | R3 | 2022-09-19 - 2022-12-18 | 3 months
*.prnasia.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-08 - 2022-12-08 | a year
*.gbyhn.com.tw | E1 | 2022-10-02 - 2022-12-31 | 3 months
*.rayskyinvest.com | R3 | 2022-11-09 - 2023-02-07 | 3 months
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-11 - 2023-07-12 | a year
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-30 - 2023-03-29 | 6 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months
*.google.de | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.google.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
www.google.com | GTS CA 1C3 | 2022-10-25 - 2023-01-17 | 3 months
*.sitescout.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-15 - 2023-01-15 | a year
*.gstatic.com | GTS CA 1C3 | 2022-10-17 - 2023-01-09 | 3 months

This page contains 47 frames:

Primary Page: https://reurl.cc/oQ84A
Frame ID: ECA393B4D96CA75A8F7311BD7C9DBE25
Requests: 33 HTTP requests in this frame

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 331
HTTPS: 89 %
IPv6: 41 %
Domains: 43
Subdomains: 74
IPs: 53
Countries: 10
Transfer: 4874 kB
Size: 9642 kB
Cookies: 45

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/oQ84A HTTP 301
    https://reurl.cc/oQ84A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 261
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7tPDhgJfmFzB3L_pHN8vc0hXn6O_gBlVswL4di1ge9CgTKVg73fMjPeQb_lrw-dQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7tPDhgJfmFzB3L_pHN8vc0hXn6O_gBlVswL4di1ge9CgTKVg73fMjPeQb_lrw-dQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7tPDhgJfmFzB3L_pHN8vc0hXn6O_gBlVswL4di1ge9CgTKVg73fMjPeQb_lrw-dQ
Request Chain 262
  • https://match.360yield.com/match/ebda?google_gid=CAESEOjzdhtvWyShYskiTBYoS88&google_cver=1&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gmnrLtfBnvDo5M-qd9zHi1lf1-gJnhjp7Qw8cTdAZ8eMs8XqlBQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOjzdhtvWyShYskiTBYoS88&google_cver=1&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gmnrLtfBnvDo5M-qd9zHi1lf1-gJnhjp7Qw8cTdAZ8eMs8XqlBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4Bi7go6UTiCpll54hA0-Xg&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gmnrLtfBnvDo5M-qd9zHi1lf1-gJnhjp7Qw8cTdAZ8eMs8XqlBQ
Request Chain 265
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 277
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HK5f_XxWZTJkQy93ZHM1dGN1a0MxUzNnbllVL1plQjFNaFBZTGpRdEQzV1M4MXJGRWZobFZ3VFRNQ2g2bnVaVWhpZm9VVUR4aHBMczBRR3ZVZXZ2azZySDZ5NDcrYTNGOHhTSEtLcnVKdmFhYUpKVTVNcmhXeUxNUWs4MlA5T1krbkxVaFE5em16aVkzbFhMNE5DUEptK05CK0s1TkphWTNySUplYW5IVW5jZWhCQzV0SFZhT09XRkluNG1wUDc3dDgrRTM0TWE1ZW8reGZVMTh2aW5CRVFvMVArUHRreWwzc1hWcGZ4NlNrUDIxMzVabGp3bEFZWGJzcVJ3ODkrbVF0d3dibUg4YXUrejdkNHJid0VMK1F2NDR6NDIyVW9sMGhBeDhGaGExelN2b2JEWT18&cppv=2
Request Chain 285
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Rit2fXxuTUhZSW5MWGcrTkVNdjZXMktXaXhnYzc0aFpENXdYM2crNGlXcS9CQnIxL0VqQnU1NXpUZlY4c055UTg2ekZ6S3BoVUtyM0E0YnNhZDJralF3Q0IrdGVLSWZSQmtUYTEyYzFzRlNibHRYTmFHQ0RCazNTZzUrVnFvSy9uYWQyckpSUldqZUhNV092VGZxM296UXhaaHZxeEZpUHIrUEdpbkVOZEhBL3E0aGM1d2sza3JVdkNUNndvMjU3ZmdMRkF2OUVxTTI0Sm1pZGhNV0EvZmhNOWtjaGNFYjdDOVJBNHZuRWh6eHR6N1JZUlcwSDAwcy9KdjlsMUpNK3ZMNU9jZDdiT3lyUlhuaFE5U2xHT3lvY1JhMjFIL2xUOEFERjhCblYyaTJ3SEtGMD18&cppv=2
Request Chain 319
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
Request Chain 322
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNBBakF_6_hx-4imlHy76irI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNBBakF_6_hx-4imlHy76irI

331 HTTP transactions

Resource / Path, Size, x-fer, Type / MIME-Type
Primary Request oQ84A
reurl.cc/
Redirect Chain
  • http://reurl.cc/oQ84A
  • https://reurl.cc/oQ84A
8 KB
3 KB
Document
General
Full URL
https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b64a8d24e7a166783b9221580c2630de7f3405aa343bbbc3e42be54f6b22436

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 17:46:04 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 10 Nov 2022 17:46:03 GMT
Location
https://reurl.cc/oQ84A
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20247847
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFIqifkYXenlcMGpLF6CWPUsIMRAfkubLLE9LJYIdEZ15gSvPmCtJfwSd7oSd1J9QSQkyDVyiPAdskGlIkFMgc8XYkXesfsvt6RGpSxcvWA9ruHAMwZiAIC3AYSdzp%2BtRFuB9ITpoPELsliV4oc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76809b008efe9165-FRA
style.css
reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/oQ84A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Fri, 10 Nov 2023 17:46:04 GMT
pixel.js
reurl.cc/javascripts/
429 B
524 B
Script
General
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/oQ84A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 10 Nov 2023 17:46:04 GMT
utag.js
t.ssp.hinet.net/
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
ysm_reurl.js
ad.sitemaji.com/
17 KB
6 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 04:15:54 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:48:16 GMT
server
nginx/1.12.1 (Ubuntu)
age
48610
etag
W/"5d0b4850-4488"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Fri, 11 Nov 2022 04:15:54 GMT
ad.js
img.scupio.com/js/
76 KB
23 KB
Script
General
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:44:48 GMT
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:16:55 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
82
etag
W/"6327d117-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
zstehDEV6q-0dKpz0UecKTBq222i15tosvlnNZZNxh35LhzAFThh5w==
expires
Thu, 10 Nov 2022 17:59:42 GMT
init.js
cdn.holmesmind.com/js/
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 17:45:50 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
JphlIl7QgiKJs8jlCu1SGGQBKlaJH6xWTavIEot4iYNBFmbYsipj0w==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20247808
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA, cache-hhn4027-HHN
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVEiJDSVamIuZbKgEua3rkp04HjyaTLzJUqvDMKgFQqVYD8sJmGknKe4EtncRzN0jNfaMSCdSmecKabsX3TbsaQtn3nWyEDbY81ZCFHVxBsXQujIlvBtGyCzIlogwnJ%2FfBpk3PM7rD1sgLdUdzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76809b008eff9165-FRA
renews.js
reurl.cc/javascripts/
412 B
493 B
Script
General
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/oQ84A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 10 Nov 2023 17:46:04 GMT
loading.js
reurl.cc/javascripts/
134 B
339 B
Script
General
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/oQ84A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 10 Nov 2023 17:46:04 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 10 Nov 2022 17:46:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/4EnTalCJJPIPGbD7LyaBNiZK/IGVPPtiQjdWh0iKMS1um8SUveaPdJ11ELgLobcTAkq/Wzd4k7VEkndJfEMTw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame A877
99 KB
29 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
164f121b76021e9b798c6458310b7cc9815e29fcafec59be78e89a8556027135
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Thu, 10 Nov 2022 17:46:04 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Fn6LhT45IUKVeBtvt0wPponV99gLzZ/666xEESafWWw7c6nM7vmOaRboMAD9GC6gjQwBzFtPhKej10bBk0AY4A==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/
7 KB
7 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
2dfe13e4c1c910875165065a50af46eb530759a1016ba830942a5589830e02ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1b12-M5ndmsvnIoq+1icP60Pi+HXystk"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6930
1675200226052423
connect.facebook.net/signals/config/
26 KB
8 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdb6e4265501e94cf82086f3116626ad056fa394b161523abdd83fe4080310f7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 10 Nov 2022 17:46:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7392
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6bhjVJfMY49NaJqcAUWeYdFdXYi0XQUEcC+z9GvmiRRJl3LfWo+5obZvKTfXa5gGJQZ/Y8RX7Sg0yF0wEssBFQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FoQ84A&rl=&if=false&ts=1668102364551&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=28&fbp=fb.1.1668102364548.796692624&it=1668102364526&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 10 Nov 2022 17:46:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
17229.json
img.scupio.com/js/config/
461 B
870 B
XHR
General
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a3de443431cf25502df67c0eadfbdf3fe304ce32e942ceab9e5ac40c7c8a70fc

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:41:44 GMT
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
260
x-cache
Hit from cloudfront
content-length
461
last-modified
Thu, 10 Nov 2022 02:20:45 GMT
server
nginx/1.12.1
etag
"636c5ffd-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
mUxY7kxRzcTtZV-1CRBkfL4JANyZjEp-Bfw0ipsvzca3Mwgtrphx3g==
expires
Thu, 10 Nov 2022 20:41:44 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
711 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.513018475890868
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 17:46:04 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 132A
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1535
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 17:20:29 GMT
etag
W/"62fdf772-14d93"
expires
Sat, 10 Dec 2022 17:20:29 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-id
OofYoCeMHApyzaNiq_Domq1ieobAq4HT3uvIzujVXkCGVrGRyeMc3Q==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/
461 B
871 B
XHR
General
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97c2e91d6db8f5687c77c33b7748b8c911519ee5069619a5e95d20fb7e6cbd32

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:41:44 GMT
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
260
x-cache
Hit from cloudfront
content-length
461
last-modified
Thu, 10 Nov 2022 02:20:46 GMT
server
nginx/1.12.1
etag
"636c5ffe-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
nT3TMD1qoEko8X3TQJPhcPv5xsIFxahUvGMDzfjEG6wNIAsbvZon2Q==
expires
Thu, 10 Nov 2022 20:41:44 GMT
adreqlog.aspx
bw.scupio.com/adpinline/
0
711 B
XHR
General
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.2846398813755284
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 17:46:05 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 8FF8
83 KB
22 KB
Document
General
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1535
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 17:20:29 GMT
etag
W/"62fdf772-14d93"
expires
Sat, 10 Dec 2022 17:20:29 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-id
h50cGb2baAv-CuIRlCNy_qOTGNeUCQZ9OZC8JWKYpzOg5s9otowRyQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
capmapping.htm
cdn.holmesmind.com/js/ Frame 4052
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 17:45:51 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-amz-cf-id
RcAHbswjNeS70cf1xAmJz0KlqpbtNX1Q21po15UN5ixok29Kcl_xpg==
x-amz-cf-pop
TXL50-P4
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/
662 B
1013 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:45:51 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
31
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
2WtEd2M4OCzw6R2JuMOIjFeRbnwIy_kC4oMoTkqem3KIGMzq4f267Q==
presetfn.js
cdn.holmesmind.com/js/ Frame 78E6
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 17:45:53 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
12
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
vNNkA81XVCkRZrlifDaL9RT8hwyKa93sxqZSjiQfqR2mXgL0hUF2_Q==
presetfn.js
cdn.holmesmind.com/js/ Frame A4B6
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 17:45:53 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
12
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
zYP6G8o-DtT7kX7Nv-7OXk8YbooTcRLnjLyle6OF2WoCCVXH8VDOoA==
presetfn.js
cdn.holmesmind.com/js/ Frame 3EDC
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 17:45:53 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
12
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
zDWSpWwjz7M_uoEZ1s6k61jy0QZ_ldqx1zAZumb2iWltMFCDwMHoLA==
presetfn.js
cdn.holmesmind.com/js/ Frame E5F9
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 17:45:53 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
12
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
nW0J4R-Sj79B-_8MxfkCVdIf7mV7hNq9iMzrbl3FSw_L4970h0YyPg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 132A
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 17:43:49 GMT
prebid.js
img.scupio.com/js/ Frame 132A
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:27 GMT
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
172
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
JV55r8UVlXQg3SjCYKXf5zURUn95THr12IvGIECfSybtykCyQaQOVQ==
expires
Sat, 10 Dec 2022 17:43:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8FF8
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 17:43:49 GMT
prebid.js
img.scupio.com/js/ Frame 8FF8
236 KB
83 KB
Script
General
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:27 GMT
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
172
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
JhZU5zjqt35oh3yKZekuhBb5HgiqBBB81ngKTaviXfhfxRnjdSJxsQ==
expires
Sat, 10 Dec 2022 17:43:12 GMT
Jx2DDFnT0Mt.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame A877
20 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Jx2DDFnT0Mt.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c90e8cc30492df108ef65527daa7db0e5632f8ba5f1416740eec599d3686a4bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6mtlz3BOd4fsJJYgOGKdFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5055
x-fb-rlafr
0
x-fb-debug
nmXw/z0ttde3FPds4UwVi88HHbCSN/hXghSUZ/3ZK0mAny5xsZmBEBFdK9FeQDq9Ul4uZjPlGd5gdMWoULR9DA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Nov 2023 20:41:56 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame A877
2 KB
1021 B
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
nMh/sgdVuLp0ZxfHFkRUUirUOMdjt1rq9mLzGbzqd5cNkGHTvpJH96Jn1+nLD5wSYUIBON0cs6lV/fAMjqaUdw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 Nov 2023 18:49:24 GMT
NZS3ML1mHxT.css
static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/ Frame A877
33 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b0ddbcb04b4cdc6fa3e4e57068c308563efde9dade4583f2a2647975c1a7f35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
O6mEX8FDH9tVAmuOE4iqBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6477
x-fb-rlafr
0
x-fb-debug
e7NFQ6iVTesKQAmmY+y/O8OxflrjJCIA524v28fgJuAS9E3PfJ+nk+G/eyq6GfMX8Ibzo6FNurPcsQ1ReJiTJA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Nov 2023 21:27:17 GMT
Tb8P79eBl50.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame A877
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/Tb8P79eBl50.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fa7d1084215077cda02b61a1e499f6ef07202802e26c6fdeb5c1fbb71cae6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/mW5wONGNfNZfTLsu5IBSA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4955
x-fb-rlafr
0
x-fb-debug
CGWSBhMhM/wTy5TAGXHxl/62+vCkRfcuYZ/XPwhPhOMaNVwm+CISyups30iyNOwinRfI2VoSp/9MyAot8jpxKA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 05 Nov 2023 14:01:23 GMT
BlEbFnvXdO-.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame A877
323 KB
87 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29cb46aa7e5b570fbffc16785a4ee48a69628958f516099c054937f0b0232d7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DXV8Y4Klcg7V1MIbZWzN+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88904
x-fb-rlafr
0
x-fb-debug
X4H81Eex3jeL0j0n+I2vPcUwXG4Sxpeub9rRHO+binq/bb97wAiXUfmLiDlSkrvSzvdVqDmQO6Zv8c+HSy18fQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 08 Nov 2023 01:19:12 GMT
8LoDHCcRMmF.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame A877
38 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
B2XXbXRnFhVtU9Nu5vgINg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12369
x-fb-rlafr
0
x-fb-debug
0F5PEpd5M8FwW3GPIfX/TUugYqMZQFf5hfKZeHH+bLBlnktfYFlAo+Mq1zwMU8gT35951sxDi+7lAHPjTWGT8g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 08 Nov 2023 14:58:16 GMT
ojzICpVg5Kb.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame A877
52 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
511bb2e3d878baab516a36f721819aa1c99a0e7ca1ffdaad02aaefdffbf87445
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wrD8MriTscJDs6J7zFeZzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16259
x-fb-rlafr
0
x-fb-debug
Rfs3txVT8L4PNL+HS49+hMfdJcnyjahxnIwZd9NsGZoXJzHoalQ/K2wzkziyxjza3pAjm6OKuOMJYvFaYsPe4g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 05 Nov 2023 03:01:13 GMT
wTglN12iuj9.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame A877
27 KB
9 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/wTglN12iuj9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f3258622918e2a9d849149e4ac8bb7ac279b86d6ca687f5768345275da6ca40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eiUTJMl58oHDOjkeKOYytQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8632
x-fb-rlafr
0
x-fb-debug
79Fn1yS/L6NnkMlgN3WRm0+50BN7m9ypJ3qJSN6cnOZgOSqarmvlUQ8+WYlr25urTi2Ay5wAgppMofSYAUjvOQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 19:15:44 GMT
SuHirPIqipH.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame A877
26 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
461189520515f66d47ef4cf55e7b1b6eeeb50c209e2617f86fd1733ed169d7bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
DqoZelwBEBHhSJ9BGwQiSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8222
x-fb-rlafr
0
x-fb-debug
ZkQNZrS6HtS8KeoI2EnyJiM+dxBBq0fuP2+r70/VunmBcFI/ioVaW2ZwCzhld6yntHNLfhvBxLphyyFs0Pk6KA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 28 Oct 2023 15:06:06 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame A877
588 B
531 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
RbR42HnHBsgfkDsHVLOEbM4ggElYJidCpPbguRLoshHSVVpbgEYpYAz1S3fK3CMBXIOgoZL3v2+AJIvkYkuiBA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Nov 2023 21:27:14 GMT
9ceEMw7kTfT.js
static.xx.fbcdn.net/rsrc.php/v3i2aq4/yx/l/de_DE/ Frame A877
25 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/yx/l/de_DE/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9778d9bc81a3011b90d6e45944df383a02e112c1c2a31bd88626aa22fe657e88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8kF2cuaqq9jf2P/EpWCxpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7101
x-fb-rlafr
0
x-fb-debug
cq17NerOj5AFiKkkPMzcyQ9X2wohhPkoRV4yKmJGOEFR2gfff0KM9fZt4G/8bakgyHwQUjP97wOsiprfecseNw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Nov 2023 16:55:29 GMT
EKwmV8fAj1M.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame A877
6 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/EKwmV8fAj1M.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98b5785c98d9b8fc7ec6ba799a535a37e0fb14331678ae4d4c06b66e979fad5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jNks0sI2q7qmN/R7Ut3Ouw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1807
x-fb-rlafr
0
x-fb-debug
H77/mGdZsmqK7/LZ6qUGFozdE3KYVTP6IqSGHZqxSXNmIBgaKpj0cjI1J1mK0Wt0dODDO+UT9RIGt8HixB83Lg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Nov 2023 16:27:51 GMT
FelcvtA3NGC.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/ Frame A877
83 KB
23 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
400a2c0ad45dc7bb4739f9888e8735f473e0dc3cbd3e8a721a55384666555689
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b2PpVjK9ezlzh2dkfMWFew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23372
x-fb-rlafr
0
x-fb-debug
WjomQO5dyZKzgmdSdcjcTfklZjOCWgrhuomJkSkyRI5qJrw5ANK86yK/99osAa+aSdR842Gjf+yn4QafKbj3CQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Nov 2023 23:43:43 GMT
oDVETVg4GJv.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame A877
22 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0bpo8UawH0rvYNearbkm6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7236
x-fb-rlafr
0
x-fb-debug
/rpqFpQsvM1DSUV7FGpC79hyS1igdH6kllM+qalr0guVcumbq0cIqgwFpEZoBbUlKOiKq/xdQR6z4SPVlMW9Yw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 Nov 2023 15:39:14 GMT
PRLdM6JdoNy.js
static.xx.fbcdn.net/rsrc.php/v3iiuU4/y8/l/de_DE/ Frame A877
336 KB
79 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iiuU4/y8/l/de_DE/PRLdM6JdoNy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b6e16de28afcb5e22249bbc958b8b7251606824f4b0a68c2b0d80b9effbdf1be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
H79tavgA9hIEQIK/M8Jp6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80511
x-fb-rlafr
0
x-fb-debug
IomfAnU7er/N9Snm4BPAX50YjHBTZ+fBNFpP2mFPoEqCIO+Z0WEX7o73Tyk0vtaVAYaWVDKJYg013LxMZbqAxQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 08 Nov 2023 06:19:54 GMT
zge0LHF8dqs.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame A877
73 KB
19 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/zge0LHF8dqs.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0b901be50c38ed329c453fbe639afa6bab1ca75d9ac0384b66857808a9d19fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cXhNZOBzCkIxAwESvJQEJA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19177
x-fb-rlafr
0
x-fb-debug
dw+368475XV5FeLizUSEoNwAKN1lto3e/SWCeMxZgZTlX2Hr5Q+wsjc3PbG0FR2Mfc3ZshjjnZ62vS4NukN4Bg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Nov 2023 22:43:13 GMT
qk2dbOUObQD.js
static.xx.fbcdn.net/rsrc.php/v3iMqR4/yE/l/de_DE/ Frame A877
154 KB
41 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iMqR4/yE/l/de_DE/qk2dbOUObQD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
860ec3bb125476e3ae0a0fe624a78286bf461bfd5b7bd7ea46b2647e588d33c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZWJMAQTqdZolVBlem5NoKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42048
x-fb-rlafr
0
x-fb-debug
rw6WSml7yvgdxwLPXYFM+EZv7yLCCpnEsMeJtkPPPeC/GTU6EKCkWsJ1qUzPd1cnfY44XtArZjzLewIH9j7ibA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 Nov 2023 00:44:16 GMT
TDGT8euSbGZ.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame A877
212 KB
47 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/TDGT8euSbGZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77a6a8986428ff294c58b7fdd35bbdbe41ca44894047b937c0a0ba61aec18df9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZlgH3JUfzLwqK37xJTzIcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
48095
x-fb-rlafr
0
x-fb-debug
Nu0IM/YhXwcQbILJNhnuY+iRJEMfX1KM7phV5koPk1SsZK4xRndSnBnkwQHB6f4DqHhynTM/TQOPco+Wuuy+6w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Nov 2023 20:42:24 GMT
gczkeIw2IoN.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame A877
2 KB
981 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/gczkeIw2IoN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ac1268ec5bf51e037e72c6d466501d404d0c8661b8f418f058ab223edaa6312a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xrIFrb/LDbsWqtR/GTav4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
760
x-fb-rlafr
0
x-fb-debug
k4pKXE5eox410GaqP1foUFfnvkj7h1ABcpJG+rNI7zZCbdrksYK5C87mGpXdyQhTLRFRYSMzPI4N4Z6hAlPpKw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 01 Nov 2023 15:57:20 GMT
qZwIteX5V60.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame A877
23 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/qZwIteX5V60.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef6e94fcbf7dd1203617eac780ba2c63b5c5be15f67b7343ed8d711b15c77c25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
f4tB6Al+8zCJJ6AhvXbrYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7946
x-fb-rlafr
0
x-fb-debug
UJwpjSUOByGRnD9O6INFUutr/GTmJsp9v+rL5JcEno+Cb+mvcJfu/1yC6syL/Yk7Qi+qSkpeUXc6oQddOqMuyw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Nov 2023 00:44:07 GMT
Y1Vj4wvi23s.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame A877
11 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/Y1Vj4wvi23s.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f94fbc7e1883fe6d805d2b4c875d4fc2c21e0873a0f09d99bb9ded4d1f0fe681
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZOScNPMNYYP9nF9s7pZ/XA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3827
x-fb-rlafr
0
x-fb-debug
KW4s5UGN13wL9+izQ4tqELqHg2+bL+QUwI3RWksLr+feh4np9wxS1ESUSrQqA4sdiEIDdPgfU0dVJAmwE+jj0g==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Nov 2023 22:43:13 GMT
FLvtonlSna1.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame A877
55 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4majzMI5X7y53cPlzz/opA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15209
x-fb-rlafr
0
x-fb-debug
QpEPd9+TLBWcrVWnwlGpcQiYlStMzB4B1S+UGi3dazeUm3xTW4lmzg2TTDxgAmLNYHuAkBBQtrCJf2BoB0C9MQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Nov 2023 17:47:59 GMT
269546106_682875953118913_5806549178849375890_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/ Frame A877
18 KB
19 KB
Image
General
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-6/269546106_682875953118913_5806549178849375890_n.jpg?stp=dst-jpg_s350x350&_nc_cat=106&ccb=1-7&_nc_sid=dd9801&_nc_ohc=97q5zB_ROgwAX-Zf6Cg&_nc_ht=scontent-frt3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDgpXzs7fgePaI_rwvgvw-nioTk2PxbhJ09yOJaAzNKIg&oe=6371F88C
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
571da35bdddda7ec4fccd594181c04e2c5db4285be67907abea45daad789ebf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum
2787905246
date
Thu, 10 Nov 2022 17:46:05 GMT
x-fb-trip-id
2050670934
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 24 Dec 2021 06:59:33 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3014635661
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
250743086
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
18831
305964663_450890893727816_1742559653774706626_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/ Frame A877
1 KB
2 KB
Image
General
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=4SDmjHw13O4AX-CP2Up&_nc_ht=scontent-frx5-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAuouFpxbZ1wxYFphIlfyopRDWcinZ03wnDtbiaeXgqwg&oe=63722795
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Thu, 10 Nov 2022 17:46:05 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
cm.php
fcm.holmesmind.com/ Frame 31EA
332 B
417 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 17:46:11 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 4052
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
cm
c.holmesmind.com/ Frame 4052
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 78E6
575 B
633 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:41:45 GMT
content-encoding
gzip
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
age
259
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
K_6Fph0kVlv9iy3iFfOjr4oZndPeCGGmCrPZEMnMx4UuHCSy_5KOsw==
Preset.js
adcdn.holmesmind.com/adserver/ Frame A4B6
905 B
732 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
07ed739ce3c5694105e83410b5e11f3618c27dda13faa8c726d4b005f730ed84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:38 GMT
content-encoding
gzip
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
age
147
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
SP_u2Cp3fWzWtiXUuKDodVmKpiXuvo9aXFSTjIOW9rVuuu0eE_ITxA==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 3EDC
6 KB
1 KB
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
26bebb3041ca9f054a20a3622385eaf9f8aa7a61b2fac7026111c9ebced41848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:43:38 GMT
content-encoding
gzip
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
age
147
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
CwdzKQYPpl4iPXQb5Tu8hiFS5Tw3UlMhN4hnMmBOC2MbdlKkEUtFAg==
Preset.js
adcdn.holmesmind.com/adserver/ Frame E5F9
756 B
680 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:41:45 GMT
content-encoding
gzip
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
age
259
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
kKJkJL67qxK3Ywd6MX-R6yyKLFsowaDmg9PC76ZcyS8VkiIwcyHLSQ==
currency.json
img.scupio.com/js/config/ Frame 132A
107 B
506 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
18d9759b7471790f384c1e874ac12b7f72d9d9b1994ea825777bb975e76d5a83

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:41:33 GMT
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
276
etag
"636bfc38-6b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
107
x-amz-cf-id
ug4o4xKGNFnQRTLXM9KzGAQHK8_5p1xxHGZ1GBZh-Zo7zeYLxDoZ0g==
expires
Thu, 10 Nov 2022 20:41:28 GMT
currency.json
img.scupio.com/js/config/ Frame 8FF8
107 B
496 B
XHR
General
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
18d9759b7471790f384c1e874ac12b7f72d9d9b1994ea825777bb975e76d5a83

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:41:33 GMT
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
276
etag
"636bfc38-6b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
107
x-amz-cf-id
7U08dkGtSGVTVpe2DGWbyrUr2Z5iP7JfbyPxRe53AikPDkrvMPPFDw==
expires
Thu, 10 Nov 2022 20:41:28 GMT
header
hb.aralego.com/ Frame 132A
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=39e530e1-e19c-4bfa-a595-932750936652&u=https%3A%2F%2Freurl.cc%2FoQ84A&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=789d0af8-c49e-45aa-889c-3d0f70572574&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Thu, 10 Nov 2022 17:46:05 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid.json
ad.holmesmind.com/adserver/ Frame 132A
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1668102365036&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame 132A
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1383868058945219
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 132A
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 10 Nov 2022 17:46:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 132A
0
216 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=38816769580
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame A877
573 B
628 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Jx2DDFnT0Mt.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Jx2DDFnT0Mt.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
27qRep9cu+fdjI0PsTMYH1upn4Uk3wl9DHCmXEepRnMILNvDrA2hd8sSDZkkC0PiE1UYGoZRL6pPQ8IYUMeQ7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 00:50:15 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 3EDC
0
214 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=182&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ads.js
ad.holmesmind.com/adserver/ Frame A4B6
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=528&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd517ec991051cdaa3d2553876f217f28cd729fd0323685889ce4744d2b158f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame A4B6
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
B35c-_h4Kkuz6YxxUTTRONssrAgiX6Adar3ckwwdDZlrp4_mX5LXyw==
publishertag.js
static.criteo.net/js/ld/ Frame A4B6
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:05 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame A4B6
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
6
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
ZV28EE1Lif8Wo993yK6WXu-BU8VHEL1-i6ApndbnIZCTfBOam03QhQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame A4B6
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
Qr0ATaY8GDDCNcX0XPKX52SBvI8LKywutHt7F2_iAKq3KXW3J02SaQ==
appierV2.js
cdn.holmesmind.com/js/ Frame A4B6
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
YXfe0baVZRG-Os-5dVRje1LDNTAzPBwr-lvEZyKDh27r3NzgBURFdA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame A4B6
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
wSafAx2vS_i5YbBDl3yTLuWEQdYgSPYYf9hrHt1Kl8w_EuyuxeFiAg==
cdb
bidder.criteo.com/ Frame 8FF8
0
215 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=4713435667
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame 8FF8
0
218 B
XHR
General
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1668102365082&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8FF8
0
176 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Thu, 10 Nov 2022 17:46:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 8FF8
0
163 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.683101318236913
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://img.scupio.com
cache-control
private
access-control-allow-credentials
true
header
hb.aralego.com/ Frame 8FF8
0
176 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=39e530e1-e19c-4bfa-a595-932750936652&u=https%3A%2F%2Freurl.cc%2FoQ84A&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=ba8bcad4-31ba-4b03-8382-3e755e0d33f3&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Thu, 10 Nov 2022 17:46:05 GMT
Access-Control-Allow-Credentials
true
Connection
close
ads.js
ad.holmesmind.com/adserver/ Frame E5F9
0
215 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=787&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame E5F9
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
PDx8cfQEJ61EyCIjkjdIFK8g4IDIkeCSRGLqPnz4yBty15mXT8D9bQ==
publishertag.js
static.criteo.net/js/ld/ Frame E5F9
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:05 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame E5F9
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
6
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
-zIqPALXj3AZMJv4QXgzk6TTUQDaEzcN7XM4vM72yCMVimnOkjvM0g==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame E5F9
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
u1yaf72brMDlW4H9dnS5dRzAjR52bKeXEPyPoD_qAKcykPLQ1WBI1Q==
appierV2.js
cdn.holmesmind.com/js/ Frame E5F9
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
rH6v8q49S439KXtRWrYtgfy5z6kNL0oVVdhfaVtYPyZgo6d1d72P-g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame E5F9
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
fzfNTGakkIHh2x2GaPoDhMMseRoCK1Ts5gNNlL5RTuZR4oGB7605EA==
ads.js
ad.holmesmind.com/adserver/ Frame 78E6
2 KB
999 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=769&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
96025fe2ac1d49a102c91a781efb98172a55d455255e2b734eaa80e95caa7e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 78E6
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
73YYbM8nExnRMga92a9QmvI9JeO9Lre6TfHvvbj-C_y2VC7jf9sSlQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 78E6
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
36
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
Ix-0qtw6k89odkxh_d5nDukdXjol_pOURjxd6tOUDNPtMQ0YqYpBuA==
fmmMhaNKIl_.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame A877
159 KB
47 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/fmmMhaNKIl_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
350bff481258bf844304130acf62114a8fded76c0f6de81a1e23a343cf3f4b45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Q3RQVyzwVYBX6+/M0oUiKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47789
x-fb-rlafr
0
x-fb-debug
JJuwyFLwCji31nJaEP474DQMlTpsZPPDOrsbW0I0QrSsAGW7ug6H+OQBjv2hNJRC6pbAUtTaOT3jncostArQ/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 04 Nov 2023 04:50:30 GMT
VaJcqGCbfHB.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame A877
369 KB
79 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/VaJcqGCbfHB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4b0e54a4e33e1accee24ea7d55e04320985c433d753687551f9e2730922249c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kQ/eLXJLBvkLhcr4HGx3Mw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80500
x-fb-rlafr
0
x-fb-debug
rKmCojdJZ6vmLMt/m+4Cz5fVSmOzIsXU0t3ipgAVITifeEIlTRHXtUcEv19UOXCfTyR/dIviQceYAAixvuglJw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Nov 2023 01:21:40 GMT
XMcaTtpIKOY.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame A877
52 KB
13 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/XMcaTtpIKOY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
87eb062a0975a9aefc9dc3069c6b52fa2d93e4f789586f82d7ae421fdc32c8d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8p1dkBBBMx7YlMOSh1nJEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12920
x-fb-rlafr
0
x-fb-debug
KpQ+H94+0k2HJ2ig49qwURRZtZKpf6mLTtSSch+hBIkt2RSYgf+DZIcyiSj8tAWNF7e3IkdkZuosdJFDjQ4Y/w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 03 Nov 2023 15:37:43 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame A4B6
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame A4B6
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ynTiGlxGB6iC6DSC3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ynTiGlxGB6iC6DSC3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:06 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ynTiGlxGB6iC6DSC3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame A4B6
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=q-C7-m2ZBiSvwWqC3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=q-C7-m2ZBiSvwWqC3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:06 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=q-C7-m2ZBiSvwWqC3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame E5F9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=MoGDhDy4BH6gmtzf3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=MoGDhDy4BH6gmtzf3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:06 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=MoGDhDy4BH6gmtzf3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame A4B6
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oafOELKGD1Gj2eXp3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oafOELKGD1Gj2eXp3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:06 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oafOELKGD1Gj2eXp3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame E5F9
0
40 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8418376974272563
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame E5F9
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1648445232830391
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame E5F9
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 78E6
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame E5F9
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:06 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame A4B6
0
27 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7321159965871928
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame A877
907 B
562 B
XHR
General
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ce7936cf130f1d043cd1dcd3e9a2cab738b5ac64bc1315e181bed6bd9f86c56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
AHGpHujHIk2xkbg2r5x4Gw
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 17:46:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Z/B+7EMKesfnI9qEhrxlI0YWBfJXVIFZn4DkNBvDEoDVTCsZKk8hEc4hjMWII2AAFLO5+0VZkeL/Fzp5p7VMQA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame A877
94 KB
23 KB
XHR
General
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU14E9kbxS0oG3S0H8-7E2swdq1iwmE2ewnE2Lx-0iS1AyES0gq0Lo4K2e1FwbO&__csr=&__req=2&__hs=19306.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1006578975&__s=%3A%3A5ad98k&__hsi=7164445100304305561&__comet_req=0&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d3c157a86f004ebf2bb14266c494038246d44d29431bec4d85a941f55ca4f10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
AHGpHujHIk2xkbg2r5x4Gw
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 17:46:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
mQqAaO9uCzxKmGRONLUFL23grP7qMLoaeBW+wD2l9wqhGl8RawRT3E84An7nxGjgr+J9QaCwBgS9tUg5cGd+OQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
private, no-cache, no-store, must-revalidate
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame A877
907 B
552 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yL/l/de_DE/FelcvtA3NGC.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
345f7a8a8ccc5bc8dee99c4d96311ca303da63e75c194f1a0a4c238d249e2ea3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
AHGpHujHIk2xkbg2r5x4Gw
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 17:46:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
GtfGe4z8qS+c093hAS8Qss8u86K2eKlBJ1mwHiRPUJg+tjRhgU4yCg7CbYXdyIGAE4ZgIxbxOBFJuYMBkA7YOg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ksSG7BCGzVy.png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame A877
12 KB
12 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
x-content-type-options
nosniff
content-md5
uyn8DKg02tdFYyt7qV6IBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12111
x-fb-rlafr
0
x-fb-debug
Id1gi34r2qBddyuIAnhU5+lSjignQCqDRG7O/8krqbI9MDjljzvubftAxxWMSzd31Nk5SWzZFwtbZUuahfimmg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 19:15:44 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame A877
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Jx2DDFnT0Mt.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/Jx2DDFnT0Mt.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
vhs0S+OsJZoH1RS939dZozqnUNmPWsNvVe0fR62CEFEQaV6MU+HnpUADDje0JiEkZy/J2vS4SUlWmmrEvJLVbA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Nov 2023 00:39:48 GMT
renews-title1.png
re-news.tw/images/
24 KB
24 KB
Image
General
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
2022111008102614.jpg
img.racingcharger.tw/wp-content/uploads/
141 KB
141 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022111008102614.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31859cb7b312a218ccd661f69aa622bcf2920ca76d994cab7d75d9d327f96afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 08:10:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
13499
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8AAdlkBJrZX%2F1DMyrAiEAmjq32BWWw9%2B%2F%2BvXySjvkkukqfLtAmwK3foXyBfu%2B4Paiow5lSC5RZLTEoW7DBxILsl2GbxXyATfSxFYwyOnKyzKKuLLxHkVRT5KJjP%2Fr3v7VvZZpvaIhgyh3vWcNdzpuRMeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
76809b10bf2c91d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
143902
%E5%AF%B5%E7%89%A9%E9%80%9A%E8%B7%AF%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/09/
49 KB
49 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/09/%E5%AF%B5%E7%89%A9%E9%80%9A%E8%B7%AF%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
200dd172b8a158007f336da517981b09eeee0f772b05090582fdda6f74ca3a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
content-length
49904
x-nc
HIT bur 5
last-modified
Tue, 27 Sep 2022 17:00:36 GMT
server
nginx
etag
"81d6d4395a4c3cfa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Fri, 27 Sep 2024 05:00:36 GMT
1028_02.jpg
mma.prnasia.com/media2/1943593/
91 KB
91 KB
Image
General
Full URL
https://mma.prnasia.com/media2/1943593/1028_02.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d2c7cae2cf58b452b8e61343fa75460d2374c335cfb6623afa575eb51b0f2e06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
cf-cache-status
HIT
age
31420
x-powered-by
ASP.NET
server-timing
intid;desc=601f8183e5783a28
content-length
93006
cf-bgj
h2pri
last-modified
Thu, 10 Nov 2022 09:02:25 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
76809b08dc30903c-FRA
access-control-allow-headers
Content-Type
expires
Thu, 10 Nov 2022 09:02:26 GMT
1667922662-8212bad10c03cacf760268d481e191d1-840x525.jpg
img.gbyhn.com.tw/2022/11/
80 KB
80 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2022/11/1667922662-8212bad10c03cacf760268d481e191d1-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fc458c3022ebef22731082c8f34c23772182dcf9a5ce9b595d3322f2b82b05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
175924
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
81678
last-modified
Tue, 08 Nov 2022 15:51:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRHzZf96wXC8XJFJiQtPVWAcXexNLGqz%2Fh8aZh9ItFMnZp6hdiio%2ByM3sHh9hOuUyGXaHaN13Wy54xQl2yon53rN%2FvdP%2F42n%2BXTgue5eSEF5ja6ANKHm4NSGeF%2BmZLcIos56EXMrczlYdfj3QLm7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
76809b0a09eabbb5-FRA
expires
Tue, 15 Nov 2022 15:59:34 GMT
%E5%B9%A3%E5%AE%89%E6%8E%A8%E8%96%A6%E9%82%80%E8%AB%8B%E7%A2%BC%E5%B0%81%E9%9D%A2-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2022/08/
35 KB
36 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2022/08/%E5%B9%A3%E5%AE%89%E6%8E%A8%E8%96%A6%E9%82%80%E8%AB%8B%E7%A2%BC%E5%B0%81%E9%9D%A2-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.242.224.42 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.224.242.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b3b41c1788c73a42a2964275557f4928557f448374d7e8df51289db359e3c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 10 Nov 2022 17:46:05 GMT
expires
Fri, 10 Nov 2023 14:11:16 GMT
last-modified
Tue, 09 Aug 2022 06:16:17 GMT
server
nginx
etag
"62f1fbb1-8d29"
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
36137
x-cdn-c
static
x-sg-cdn
1
image-6.png
i0.wp.com/golike.tw/wp-content/uploads/2022/09/
87 KB
88 KB
Image
General
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/09/image-6.png?fit=1300%2C649&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ce76d4d0ac7e64592945e84232d729d5443f24a97af9b4712628f686e7b9b032
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 10 Nov 2022 17:46:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Nov 2022 11:03:57 GMT
server
nginx
etag
"73a508ef995b5f50"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/09/image-6.png>; rel="canonical"
content-length
89360
expires
Wed, 06 Nov 2024 23:03:57 GMT
file.png
static.wixstatic.com/media/08c74d_ab4a677a3fbd4846badccc8c8c728ba8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/
1 MB
1 MB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_ab4a677a3fbd4846badccc8c8c728ba8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
51639d0de39c20ca9649824064511d4c04b38d180cf28af212017c74ac86450c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 16:44:31 GMT
via
1.1 google
server
openresty/1.21.4.1
age
349294
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546649
wix-tracer
2HBKWxIm1A66CvA10NAMhlypdHn
x-seen-by
image-manipulator-75c8ddcd6-bzsbc
%E8%B2%B7%E9%9B%BB%E5%8B%95%E6%B1%BD%E8%BB%8A%E9%81%B8%E4%BF%A1%E8%B2%B8%E9%82%84%E6%98%AF%E8%BB%8A%E8%B2%B8%EF%BC%9F%E7%B4%94%E9%9B%BB%E8%BB%8A%E7%94%A8%E9%9B%BB%E5%8B%95%E8%BB%8A%E8%B2%B8%E6%AC%B...
blog.alphaloan.co/wp-content/uploads/2022/10/
124 KB
124 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/10/%E8%B2%B7%E9%9B%BB%E5%8B%95%E6%B1%BD%E8%BB%8A%E9%81%B8%E4%BF%A1%E8%B2%B8%E9%82%84%E6%98%AF%E8%BB%8A%E8%B2%B8%EF%BC%9F%E7%B4%94%E9%9B%BB%E8%BB%8A%E7%94%A8%E9%9B%BB%E5%8B%95%E8%BB%8A%E8%B2%B8%E6%AC%BE%E5%B0%88%E6%A1%88%E6%9C%80%E5%88%92%E7%AE%97%EF%BC%81-.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8ece289c9fae84acbb22a2544ab116a875968f6656e4fc18bdda40252ca62d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Mon, 24 Oct 2022 07:38:56 GMT
server
nginx
etag
"63564110-1ee77"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
126583
expires
Thu, 17 Nov 2022 17:46:05 GMT
landing.php
fp.holmesmind.com/ Frame 2045
0
0

utag.js
t.ssp.hinet.net/ Frame 3EDC
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
landing.php
fp.holmesmind.com/ Frame 1C76
0
0

utag.js
t.ssp.hinet.net/ Frame A4B6
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
landing.php
fp.holmesmind.com/ Frame D892
0
0

utag.js
t.ssp.hinet.net/ Frame E5F9
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
landing.php
fp.holmesmind.com/ Frame 0A98
0
0

utag.js
t.ssp.hinet.net/ Frame 78E6
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:05 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame A877
279 B
243 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
f6ER2m4IqvaWh761NbUz1wVajujnpL06xZC0G5G7vUOxwPEgi6EmNTox0Vx/qaX7TAivlxqvU/ELjCb2TLFTCA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 03 Nov 2023 16:03:44 GMT
/
www.facebook.com/login/ Frame A877
0
0

/
www.facebook.com/login/ Frame A877
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Nov 2022 17:46:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Lgu815yyIsSmK2OEQ3neHhyfuUHLWTTbbtXyxtloCVf2zmPZloE6/Xv6xHj2a7zTY+NECz3dqyWxMm8kzzrjSA==
x-frame-options
DENY
x-xss-protection
0
cdb
bidder.criteo.com/ Frame A4B6
177 B
426 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=10008195648
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
95f185b6aa4dcab13c8717cc9a080683b4cde54cea64623eb66ed3144ce0aa77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame E5F9
177 B
426 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=71207188423
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f39c2d56ebe335aa3e5c7317ecc511e79d6629a0b607b39eebf648974ccd99af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame E5F9
177 B
426 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=36859809298
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7bf1e8474fb3e101ea03fbfabd08e53fb9527b082dc0accf1160ccd923278997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
events
bidder.criteo.com/csm/ Frame A4B6
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame E5F9
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
truncated
/ Frame A877
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
fDhuR0wUejB.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame A877
18 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/fDhuR0wUejB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7bc755a7981b11386caa85825c1ee80b7d6efbaf7edfa349b733a0e16aa11dc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
C0dhn6zFiZ51fhjoJV3h3Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4462
x-fb-rlafr
0
x-fb-debug
eQT7C5XHtodOPktRe3Fclh0Z+W4YPj0pK1BA9UVd5/vB5oyyBnHOZ7iQhaz4FPrsSa/zZXhp9Iw1vRyYi52ILw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 17:58:03 GMT
sDdqCaJ5A6D.js
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A877
62 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/sDdqCaJ5A6D.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a14f4c6905873afa342fbb06fd53049a539beb24490e3f9a0f32d3e9da8bec26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZDIEPXMwv03dCuELBt5krg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16297
x-fb-rlafr
0
x-fb-debug
ohx1isPOomi8p6w6V6dOVUUBHOxjPohs9AvaDLSLm7FgnG5MMtJWrY/wVcxEdY8rEXi+JOSVLz6ImFOg1K4VsQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 03 Nov 2023 03:05:33 GMT
3wX2w-O_9zc.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame A877
3 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8bba666fc7cef1cf595194ac929791183840c7158dfde05eecdb9e537eacb76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4OU/i0m/D/s3x3W5woilwg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1286
x-fb-rlafr
0
x-fb-debug
+s3ixNcMni9vHZaHtD3jpiKTNNa4ZRYzP/aCe4kPxW6inpvh9hpfzTm8AhpSuscuHUQOF2nzzcSalJoLSr+KvQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 00:16:53 GMT
L3rRYxmZ_M5.js
static.xx.fbcdn.net/rsrc.php/v3iUY_4/y-/l/de_DE/ Frame A877
23 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/y-/l/de_DE/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G9hTLuwVhJOCc2ljMxMTag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6749
x-fb-rlafr
0
x-fb-debug
Vx/OtxU4k/QEj8gxuuaNe5f94qs+FA2yIbafJTuTqcMa/6YHi+ZXRFvBzH4TqGQDJl1FbikVux/97WyP29saRA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 03 Nov 2023 18:22:19 GMT
MDNj1eUK5bV.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame A877
25 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/BlEbFnvXdO-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de196fa938446c7486bcecc14b72919df6f78871a4af22c4f168a2785a0139ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+krRjR/Db6iONoDCDh0aYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10426
x-fb-rlafr
0
x-fb-debug
qTc+xfYJfmXHIHRcX7/MxOio+wv+7hueO25+HMy8Mk+CC5zIqO7PY57I+Cyrx6ynngWJfBfV2Vn9ssQdmv7M5w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Nov 2023 16:03:25 GMT
/
t.ssp.hinet.net/ Frame 3EDC
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a2efa2b18b2f02b2fb47431e0b183a6a7babc9d99c3eb21b5a285dfd96afc2e5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/
37 B
399 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
35a542686a0e6134a9936ebc24a8fb5c94f1c6cc1a661ac52c2528d872f8246e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 4052
37 B
407 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f79aba8dbce500a8807bf01239eeca4459beb5c5379d6536571ffd1016a3dbf0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:05 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
adsbyscupio.js
img.scupio.com/js/ Frame C274
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:45:56 GMT
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
24
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
nxJulJifwCczg-AT64p8ZB0_NHMRqSp6gSCwA9NNry6hmuUAsMqzjg==
expires
Thu, 10 Nov 2022 20:45:42 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 8FF8
3 KB
3 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.6537571820275445
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e5134db7513cf7a700aba7d4b26d12bb062847c785afb0345e10410bf6415650

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 17:46:06 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1609
truncated
/ Frame 8FF8
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
drawV2.js
cdn.holmesmind.com/js/ Frame 78E6
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=769&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
LDLcKD16sKMrZffLRcBExMBl2zETzvwIOC9C1ugd8lhWTca19QgzQw==
/
t.ssp.hinet.net/ Frame A4B6
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
aa74efb511cc043738f5b58626c4275547a0254b4c7e7076c95dc04032eb0444
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame E5F9
37 B
401 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
af97a6c8d9007c4f6d730468f6e72f3a2d44681cb47348d7a0061443df650a88
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 78E6
37 B
402 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
0637d687bd9461b6ebbcc6893cee2e344cf55a6356b5618005b22db31cf0d239
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
970x250.jpg
img.scupio.com/img/padding/ Frame C274
46 KB
47 KB
Image
General
Full URL
https://img.scupio.com/img/padding/970x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:14:44 GMT
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
1882
etag
"607cf99c-b9b9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47545
x-amz-cf-id
WuHRhhALYImxKL2pfmWf6i9j02xVJlVb7g4pgntW_bNQBLc-Ze4PYg==
expires
Fri, 10 Nov 2023 17:14:44 GMT
emome2
t.ssp.hinet.net/
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 4052
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=8544db7c-b50c-42dc-99bc-b3a9039863ce
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 3EDC
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
adsbyscupio.js
img.scupio.com/js/ Frame C82D
4 KB
2 KB
Script
General
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:45:56 GMT
content-encoding
gzip
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
24
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
zg_OYbvbF_QiLNlHBJKLbro07AkN8KDoome-KnVHOl5MnoVaJ6IztA==
expires
Thu, 10 Nov 2022 20:45:42 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 132A
2 KB
2 KB
XHR
General
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7973667066422325
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
08c4dde6d75c9e62f963456fe6eeefcb82a70314b43fa915e917a27820f31b10

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 17:46:07 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1477
truncated
/ Frame 132A
762 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
drawV2.js
cdn.holmesmind.com/js/ Frame A4B6
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=528&o=1&d=1&b=2&ts=1&ii=3&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
57
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
99Qrk0QHFzTCNAnKcoGgWKW0SIM-pBLoQqUtENmKMYDgYZfN70lhOg==
300x250.png
img.scupio.com/img/2011_gym/ Frame C82D
47 KB
48 KB
Image
General
Full URL
https://img.scupio.com/img/2011_gym/300x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 16:47:47 GMT
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
DUS51-P2
age
3539
etag
"607cf99c-bcf6"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48374
x-amz-cf-id
gMnygNsIp3jdcdCnnP-L4h2T7LwHflgLzdNWccwJ19mP0r8FVeQWJA==
expires
Fri, 10 Nov 2023 16:47:07 GMT
emome2
t.ssp.hinet.net/ Frame A4B6
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 78E6
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame E5F9
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cm
t.ssp.hinet.net/ Frame 3EDC
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&mp=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/ Frame 3EDC
0
79 B
Image
General
Full URL
https://2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/pixel?bd=2f275107-36ea-462b-9dea-529d0acfda06&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/
0
79 B
Image
General
Full URL
https://2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/pixel?bd=2f275107-36ea-462b-9dea-529d0acfda06&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/ Frame A4B6
0
79 B
Image
General
Full URL
https://2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/pixel?bd=2f275107-36ea-462b-9dea-529d0acfda06&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame A4B6
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&mp=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/ Frame E5F9
0
79 B
Image
General
Full URL
https://2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/pixel?bd=2f275107-36ea-462b-9dea-529d0acfda06&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame E5F9
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&mp=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/ Frame 78E6
0
79 B
Image
General
Full URL
https://2f275107-36ea-462b-9dea-529d0acfda06.t.ssp.hinet.net/pixel?bd=2f275107-36ea-462b-9dea-529d0acfda06&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 78E6
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&mp=2f275107-36ea-462b-9dea-529d0acfda06
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
init.js
cdn.holmesmind.com/js/ Frame E72C
6 KB
7 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 17:45:50 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
38
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
jZAzSoVGhPqK2dxBcjJrIKZg3G8qK_X-c6odo_b7Br-iR45l5u6wEg==
capmapping.htm
cdn.holmesmind.com/js/ Frame F032
5 KB
5 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
32
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 17:45:51 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
x-amz-cf-id
4vrOMaU7fRHOnAvwUyA2Tgun0yod86OLhjRDtyez9Fq_HxJ0e54ktg==
x-amz-cf-pop
TXL50-P4
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame E72C
662 B
1003 B
Script
General
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:45:51 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
33
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
2Awz3a3DSrv2J3AooOMAvJtJwgJTjJOtEJG3SO9E1E51n7mlur40_A==
presetfn.js
cdn.holmesmind.com/js/ Frame BEE1
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 17:45:53 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
14
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
O-6tLN6w6iQkOKetS2PFurULS3WChI5PjjaOekdkY1ciclAmfq4Zgg==
cm.php
fcm.holmesmind.com/ Frame CDEC
95 B
332 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 17:46:06 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame F032
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:06 GMT
cm
c.holmesmind.com/ Frame F032
0
15 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame F032
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&uu_m=undefined
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&uu_m=undefined&google_tc=
  • https://m.holmesmind.com/ml/google?cf_uid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&uu_m=undefined&google_gid=CAESEJEe41qmVcZ1s5GWBLJa1NM&google_cver=1
0
478 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&uu_m=undefined&google_gid=CAESEJEe41qmVcZ1s5GWBLJa1NM&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
x-guploader-uploadid
ADPycdtr-Dg7J75TlowX5Gk60je7n5-8z9aXzBZbHm7rmPCtmFg8SyOwMc4Ab_D0TlrkIXdbJpZtm1E8irMxcTtJuPW-jFjeP2s2
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Thu, 10 Nov 2022 18:46:07 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&uu_m=undefined&google_gid=CAESEJEe41qmVcZ1s5GWBLJa1NM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame BEE1
1 KB
746 B
Script
General
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
So5W_pugz4GsdjfzWlo7IaNPNPU90glZhqDxVfdhXWe45m1RI6RTWg==
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 132A
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:06 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 8FF8
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:06 GMT
syncframe
gum.criteo.com/ Frame 8E8E
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:06 GMT
server
Kestrel
server-processing-duration-in-ticks
787482
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 132A
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:06 GMT
syncframe
gum.criteo.com/ Frame 5E54
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:06 GMT
server
Kestrel
server-processing-duration-in-ticks
2486938
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8FF8
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:06 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EB6D
121 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71b1916fe687bf48ec0a6f1b83a4c83fdd2bb7a73e404048ee5ee1cfec8a3628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39919
x-xss-protection
0
server
cafe
etag
8555410622255928041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 17:46:07 GMT
sid
mug.criteo.com/ Frame 8E8E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=iNjud3x0NEN4L2hnYXhocytzMUQxOFZjZWpISlNubHFpeVcvWnpieVJpbU9SM3V1UDNNWHUrcjIwOVY2TDlGWGRXaFZPQUt4dnFKWDdIRVFoWjlVY3FVU2JxSUxkQzRXOHAvTFMwSU9vdzRwQVExZlVzempiK2o2YnZaT0...
431 B
652 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=iNjud3x0NEN4L2hnYXhocytzMUQxOFZjZWpISlNubHFpeVcvWnpieVJpbU9SM3V1UDNNWHUrcjIwOVY2TDlGWGRXaFZPQUt4dnFKWDdIRVFoWjlVY3FVU2JxSUxkQzRXOHAvTFMwSU9vdzRwQVExZlVzempiK2o2YnZaT0VXa1FKZHdWZmIxUUFLV09zeUNPZ25ZMnFCWTZndmJUTWpEN1l2SktWUDVCRTJvZER5RHZlZjZUMG9UTTRMRTJJR0NDQ2h0K1dXVWQrTmM4Yi9ROEpZYnRTY0lkWUo3alB5RW83cDJNUWRtR0E3ZzBrcXdwZ2hncldmQXZobko1TldmMGI2UWM3UHVjSWpiNVBwcDdNRDFTUmx0dHFBSjNOdFFLbUp4L0hpTUNHbVNwMStwaz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee035237c007d31f2a9a485155745bea23568eae712054ab50708424915d1d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2238993
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=iNjud3x0NEN4L2hnYXhocytzMUQxOFZjZWpISlNubHFpeVcvWnpieVJpbU9SM3V1UDNNWHUrcjIwOVY2TDlGWGRXaFZPQUt4dnFKWDdIRVFoWjlVY3FVU2JxSUxkQzRXOHAvTFMwSU9vdzRwQVExZlVzempiK2o2YnZaT0VXa1FKZHdWZmIxUUFLV09zeUNPZ25ZMnFCWTZndmJUTWpEN1l2SktWUDVCRTJvZER5RHZlZjZUMG9UTTRMRTJJR0NDQ2h0K1dXVWQrTmM4Yi9ROEpZYnRTY0lkWUo3alB5RW83cDJNUWRtR0E3ZzBrcXdwZ2hncldmQXZobko1TldmMGI2UWM3UHVjSWpiNVBwcDdNRDFTUmx0dHFBSjNOdFFLbUp4L0hpTUNHbVNwMStwaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
728608
content-length
0
expires
0
sid
mug.criteo.com/ Frame 5E54
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=MHfDxHxmRXNNc2JoNmcvbWx4OUhyNGFmRm5TRnBoQXhDVndvUkJva2NSeFQxSUZaWWhIUnRwTTBhOEF4RjVGYytTT05JdzdFVVpMRktaQnB5Z2tOc05sc0VEZXFVZGZmNXBLTGc0UWxTY3lINjdzeVRDSmxMUzViRitCem...
438 B
669 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=MHfDxHxmRXNNc2JoNmcvbWx4OUhyNGFmRm5TRnBoQXhDVndvUkJva2NSeFQxSUZaWWhIUnRwTTBhOEF4RjVGYytTT05JdzdFVVpMRktaQnB5Z2tOc05sc0VEZXFVZGZmNXBLTGc0UWxTY3lINjdzeVRDSmxMUzViRitCemJoM1BpNVJCMUxrVkIzemNIUHVsRTJyV3lnc09IYmNWcHpnclptSEpUbDZYR29IT0ZTalErTCtwa2JMZkMzM1FudHlsWHFOQUxYVEVYSGZjSi9RYW9OWitZUTh2NENPZW5kYk1zV2hTRDhJTS91Mm9MZGQyVnIrZmxYM0RFSkl6cTJkdlNIaGRkUVY2bHpuQVFyS2xkTnhXbHpBSVR0Zz09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d4c97cb826a505d096cdbd31e70129c5fe10ee7a20f5511e7ae2d16042813bab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2207281
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=MHfDxHxmRXNNc2JoNmcvbWx4OUhyNGFmRm5TRnBoQXhDVndvUkJva2NSeFQxSUZaWWhIUnRwTTBhOEF4RjVGYytTT05JdzdFVVpMRktaQnB5Z2tOc05sc0VEZXFVZGZmNXBLTGc0UWxTY3lINjdzeVRDSmxMUzViRitCemJoM1BpNVJCMUxrVkIzemNIUHVsRTJyV3lnc09IYmNWcHpnclptSEpUbDZYR29IT0ZTalErTCtwa2JMZkMzM1FudHlsWHFOQUxYVEVYSGZjSi9RYW9OWitZUTh2NENPZW5kYk1zV2hTRDhJTS91Mm9MZGQyVnIrZmxYM0RFSkl6cTJkdlNIaGRkUVY2bHpuQVFyS2xkTnhXbHpBSVR0Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
491532
content-length
0
expires
0
/
t.ssp.hinet.net/ Frame F032
36 B
407 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
8930bb719520a583959728696863706e04363560e4c95c4ef7299e19e7b7c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/ Frame EB6D
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a4b5a272a61e5e8516add5a69c6b68e1590bf5740a5421d0c5c6b13cc22b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119497
x-xss-protection
0
server
cafe
etag
16180257573862015485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 17:46:07 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame EB6D
383 B
693 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7938f8bad31fd68825afbd3a925cc1692386d30c1ef25fea8eebdb7821b17c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame EB6D
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EB6D
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AA31
62 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2545fb2ef78601cf17204a14a6a9a8d48cc0e4ed4801671199b430251f56824e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
26735
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ls.html
img.scupio.com/html/ Frame 8899
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2752
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 17:01:08 GMT
etag
W/"583295c9-4dc"
expires
Thu, 17 Nov 2022 17:00:15 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-id
0u1HLV6cg-foSrOb41LqFVcWren8g1f2Gbznr4tm60oRYgfS5XVdZQ==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 5FDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0NBMjAyMjExMTEwMTQ2MDc2NTc3NzE%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 17:46:08 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2DC9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 17:46:07 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 17:46:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 5FDD
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1668102367259&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=dc835e992ec096b163b15389a99402cfd7e9a1a9713b0c418d19caf0556d0c4f
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 10 Nov 2022 17:46:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 5FDD
35 B
413 B
Image
General
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CCA20221111014607657771
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
connection
close
content-length
35
content-type
image/gif
ads.js
ad.holmesmind.com/adserver/ Frame BEE1
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=147&o=1&d=1&b=2&ts=1&ii=2&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c50fd45820a6af5773995e4b9e67f34b47c42641a13700f10bf2b4de04b93b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame BEE1
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
59
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
x8IKbfNtxwz_jlIKClMKStVFw4YAT8Jrvbb3lRTj5gJIuGHA2fh1LA==
publishertag.js
static.criteo.net/js/ld/ Frame BEE1
121 KB
40 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 17:46:07 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame BEE1
2 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
8
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
tK_HUT5Le0lRKDLQ-u8nOcmiaU5alpIBf_T5GoowqBo0zeihsoqzxw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame BEE1
4 KB
5 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
38
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
NML-JaNbY-HRE9ogq2nunYEncJi8BlJq8nLdYavs-K8PrjtBFXqf1w==
appierV2.js
cdn.holmesmind.com/js/ Frame BEE1
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
38
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
J7AoD9nI4JQpXToEMELHCYXTyMrmQ2N9rZVdvggu2WESEWQMZzdITg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame BEE1
6 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 17:46:05 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
38
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
6U6xVvVVMMcBQpHnEA08nNoxz8WdZ3ZXYWZ8n-aVEnURo_bROL2Ngw==
emome2
t.ssp.hinet.net/ Frame F032
30 B
278 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=0cc424a7-22e2-4410-9761-81507f03335d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BEE1
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 10 Nov 2022 17:46:07 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame BEE1
0
50 B
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.18068657078145023
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://reurl.cc
cache-control
private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame BEE1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:07 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame BEE1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
2 B
19 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 17:46:07 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=8vD6wGPFCsihbFEC3jhtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame BEE1
177 B
425 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=85321723119
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d0a51fa17c1d21ae46a3871afd2f51c47a3fe94296a0cf63ea7dcf1068b3e9ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
events
bidder.criteo.com/csm/ Frame BEE1
0
209 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame 2DC9
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c36911099a112524ac9e127c5cf8eb8718217dd4fdf01276ede0d38c83609a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 05:43:02 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=42965
content-length
9885
expires
Fri, 11 Nov 2022 05:42:12 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2DC9
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ls.html
img.scupio.com/html/ Frame 0466
1 KB
1 KB
Document
General
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-85.dus51.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2752
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 17:01:08 GMT
etag
W/"583295c9-4dc"
expires
Thu, 17 Nov 2022 17:00:15 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-id
nm4BeJ2jqkhPHJDoPgWpHYzXFySM8886yJl56w09VJ1vJn57RmdJMA==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 1E54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1BBMjAyMjExMTEwMTQ2MDcxNzg5ODI%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
0
551 B
Script
General
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 17:46:07 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOlpkGPRpF9QYbpmTHdRJkE&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 0C20
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
410 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 17:46:07 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 17:46:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 1E54
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1668102367451&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 10 Nov 2022 17:46:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 1E54
35 B
413 B
Image
General
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CPA20221111014607178982
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
connection
close
content-length
35
content-type
image/gif
landing.php
fp.holmesmind.com/ Frame 9FDA
0
0

utag.js
t.ssp.hinet.net/ Frame BEE1
5 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 17:56:07 GMT
usync.js
eus.rubiconproject.com/ Frame 0C20
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c36911099a112524ac9e127c5cf8eb8718217dd4fdf01276ede0d38c83609a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 05:43:02 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=42965
content-length
9885
expires
Fri, 11 Nov 2022 05:42:12 GMT
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 2DC9
0
239 B
Image
General
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 0C20
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cm
t.ssp.hinet.net/ Frame F032
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm&mp=0cc424a7-22e2-4410-9761-81507f03335d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
0cc424a7-22e2-4410-9761-81507f03335d.t.ssp.hinet.net/ Frame F032
0
79 B
Image
General
Full URL
https://0cc424a7-22e2-4410-9761-81507f03335d.t.ssp.hinet.net/pixel?bd=0cc424a7-22e2-4410-9761-81507f03335d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
drawV2.js
cdn.holmesmind.com/js/ Frame BEE1
10 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FoQ84A&n=147&o=1&d=1&b=2&ts=1&ii=2&FPCK=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2261:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 17:46:06 GMT
via
1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P4
age
58
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
4gARfpZJm_Q5YYiWtn5HbnKATXwFK9v7ICcRVYWUvE0w7O4t9FwA3Q==
pixel
cm.g.doubleclick.net/ Frame 2DC9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 2DC9
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 2DC9
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 2DC9
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2DC9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4330870279648372198&expires=60&gdpr=&gdpr_consent=
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4330870279648372198&expires=60&gdpr=&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4330870279648372198&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Thu, 10 Nov 2022 17:46:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 2DC9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5d0e636d-38e0-4900-a0ef-2542b0328e18
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5d0e636d-38e0-4900-a0ef-2542b0328e18
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Thu, 10 Nov 2022 17:46:08 GMT
Server
MT3 4629 97bee97 master cdg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5d0e636d-38e0-4900-a0ef-2542b0328e18
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 17:46:07 GMT
tap.php
pixel.rubiconproject.com/ Frame 2DC9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=pIYeCaE8OwsK&ev=1&pid=560687
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=pIYeCaE8OwsK&ev=1&pid=560687
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=pIYeCaE8OwsK&ev=1&pid=560687
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6864bf847b-hvpvn
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 2DC9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=D9-gtGf8QDlkU6oVD-AUs1FfBSY
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=D9-gtGf8QDlkU6oVD-AUs1FfBSY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=D9-gtGf8QDlkU6oVD-AUs1FfBSY
Date
Thu, 10 Nov 2022 17:46:08 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
/
t.ssp.hinet.net/ Frame BEE1
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
8930bb719520a583959728696863706e04363560e4c95c4ef7299e19e7b7c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:07 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
970890188759577970
tpc.googlesyndication.com/simgad/ Frame AA31
50 KB
51 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/970890188759577970?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQOgEY8y_Qac3SupltRrB024rx8w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aeef0706cbf566ef5868c1ec1b6f91b8911e2c8a0955a6f1c8623c8473859fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 03:32:08 GMT
x-content-type-options
nosniff
age
51240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51652
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 03:07:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Nov 2023 03:32:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame AA31
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:00:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
85563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9353
x-xss-protection
0
server
cafe
etag
2177555007986509113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:00:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame AA31
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 14:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
13092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 14:07:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame AA31
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:00:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
85563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:00:05 GMT
l
www.google.com/ads/measurement/ Frame AA31
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRctN8smGsr3mF7-T6g2ifDoTiJSfQhtORCoGcSI-wop_85RY6ezk-PUIi0XlJDZvlZedB5E0mAdL8qV3jtCoavirSU3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA31
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 17:46:08 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame AA31
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd186d4631f89c13d75f68c16f5242a8e4d420b7fefd60bf5f9cd7960c4d58b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
84385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13606
x-xss-protection
0
server
cafe
etag
3623940031753013291
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:19:43 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame FE9E
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
43 KB
44 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539
last-modified
Thu, 27 Oct 2022 03:04:34 GMT
server
cloudflare
etag
"6359f542-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40g8apFkutccZLyb5ZzLD72OHZZwIeWBom4ItdyrTRL%2Bp%2FmSQrDYHIdqzwqVqCQ4ixRPvvSokQ9XelFxAgW%2BjENave%2Bwb4prA9iVcSX98NB%2FxtNqMDlyPQQFgQEmT1xsgI0l3QaYbARe2IFd2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76809b1d2d479012-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
cm
t.ssp.hinet.net/ Frame BEE1
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&mp=0cc424a7-22e2-4410-9761-81507f03335d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
0cc424a7-22e2-4410-9761-81507f03335d.t.ssp.hinet.net/ Frame BEE1
0
79 B
Image
General
Full URL
https://0cc424a7-22e2-4410-9761-81507f03335d.t.ssp.hinet.net/pixel?bd=0cc424a7-22e2-4410-9761-81507f03335d&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4CD4
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3021
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 16:55:47 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C443
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA31
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c519a7cd8127b6db551ac0b94b2c0973f5c1b5c97acb759c28f4ae39b836796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIwZyDRaSkwO4Eq_GyMp7fw&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIwZyDRaSkwO4Eq_GyMp7fw&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmxEWk9IQWIxT1RiQ1U1&google_gid=CAESEIwZyDRaSkwO4Eq_GyMp7fw&google_cver=1&google_push=ASkJ3FZjgjBwyZudGwKFgjGy8L7abzvD6cj8XkucTUo4vn2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmxEWk9IQWIxT1RiQ1U1&google_gid=CAESEIwZyDRaSkwO4Eq_GyMp7fw&google_cver=1&google_push=ASkJ3FZjgjBwyZudGwKFgjGy8L7abzvD6cj8XkucTUo4vn2SU7t54M-tcRD4wr6DLxK1Gz4UpBALvMiSN9EPTrV5FZaaqSZa-PQ4E9kIUglkBMCEykKQEWzoo-Tdr5IC0PAO-JZrqfdx4lw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 17:46:08 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YmxEWk9IQWIxT1RiQ1U1&google_gid=CAESEIwZyDRaSkwO4Eq_GyMp7fw&google_cver=1&google_push=ASkJ3FZjgjBwyZudGwKFgjGy8L7abzvD6cj8XkucTUo4vn2SU7t54M-tcRD4wr6DLxK1Gz4UpBALvMiSN9EPTrV5FZaaqSZa-PQ4E9kIUglkBMCEykKQEWzoo-Tdr5IC0PAO-JZrqfdx4lw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIds0qS_CkOOd4TPsFELl4o&google_cver=1&google_push=ASkJ3FZ-CVD70zxRKsY4ZqM9SgWCUnqH4gUn0eumG9ybvFA_W0zkDujWzzY_KDWPssUJdSBN6NmgdJRGlCUlHsvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XQ5jbTjgSQCg7yVCsDKOGA&google_push=ASkJ3FZ-CVD70zxRKsY4ZqM9SgWCUnqH4gUn0eumG9ybvFA_W0zkDujWzzY_KDWPssUJdSBN6NmgdJRGlCUlHsvX4GxLc3bQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XQ5jbTjgSQCg7yVCsDKOGA&google_push=ASkJ3FZ-CVD70zxRKsY4ZqM9SgWCUnqH4gUn0eumG9ybvFA_W0zkDujWzzY_KDWPssUJdSBN6NmgdJRGlCUlHsvX4GxLc3bQyGlw9use53kGzerABGZ6za5VirZ181EHPX53Ys0qMjmzGzs
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 17:46:08 GMT
Server
MT3 4629 97bee97 master cdg-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=XQ5jbTjgSQCg7yVCsDKOGA&google_push=ASkJ3FZ-CVD70zxRKsY4ZqM9SgWCUnqH4gUn0eumG9ybvFA_W0zkDujWzzY_KDWPssUJdSBN6NmgdJRGlCUlHsvX4GxLc3bQyGlw9use53kGzerABGZ6za5VirZ181EHPX53Ys0qMjmzGzs
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 17:46:07 GMT
i.match
s.tribalfusion.com/z/ Frame C443
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKFcHhuZg_tOGzni0wT2Sfg&google_cver=1&google_push=ASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3DY...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFcHhuZg_tOGzni0wT2Sfg&google_cver=1&google_push=ASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3...
43 B
442 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFcHhuZg_tOGzni0wT2Sfg&google_cver=1&google_push=ASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3DYKoLW9iAQmN3NxIbgVtB36S7_PJflkzUvp-kVWIqHXA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3DYKoLW9iAQmN3NxIbgVtB36S7_PJflkzUvp-kVWIqHXA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:09 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76809b1d0f066910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1573
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFcHhuZg_tOGzni0wT2Sfg&google_cver=1&google_push=ASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3DYKoLW9iAQmN3NxIbgVtB36S7_PJflkzUvp-kVWIqHXA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb0TgsiCvFJg8UCDy3x1y7r33iEGIfuZ0861sjxe0kJ4jcEoYtEORbDvswzsLASE31C77EAejLJTOJCg4JM8Xpnf1if6I3DYKoLW9iAQmN3NxIbgVtB36S7_PJflkzUvp-kVWIqHXA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76809b1b9b8b6910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C443
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFzooVYyjPzuQ86g1-BnpCM&google_cver=1&google_push=ASkJ3Fb_zTkQWlf3ad2aFuHMfTbzvgudOUXSaTRdz2TzteM9l_om5sJX_J_M4t9Ou8jOc0nBTSM9g85CQrNjyKBVgBYCB4HC_z_XvH04J1kp9Lk5qR-Ww3p0MFLI2XLuGrpMNr2IKF8TyBI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEHhoKMBu_EB4DzE6RMu0H_M&google_cver=1&google_push=ASkJ3FaU0CyEvfaJuulnJHMC5tUB3kcHB9zV8iOPBIzGiOXae3mITngdg6G9NEE-iHl8GXHoXGU-OszLeZmurqokMBTfCXv...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHhoKMBu_EB4DzE6RMu0H_M&google_cver=1&google_push=ASkJ3FaU0CyEvfaJuulnJHMC5tUB3kcHB9zV8iOPBIzGiOXae3mITngdg6G9NEE-iHl8GXHoXGU-OszLeZmurqokMBTfC...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaU0CyEvfaJuulnJHMC5tUB3kcHB9zV8iOPBIzGiOXae3mITngdg6G9NEE-iHl8GXHoXGU-OszLeZmurqokMBTfCXvD_pFQOgm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaU0CyEvfaJuulnJHMC5tUB3kcHB9zV8iOPBIzGiOXae3mITngdg6G9NEE-iHl8GXHoXGU-OszLeZmurqokMBTfCXvD_pFQOgmhpilVX4RAzwVeQIRWOM7Fk8CYEFUd9jjtHvV4Owg
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaU0CyEvfaJuulnJHMC5tUB3kcHB9zV8iOPBIzGiOXae3mITngdg6G9NEE-iHl8GXHoXGU-OszLeZmurqokMBTfCXvD_pFQOgmhpilVX4RAzwVeQIRWOM7Fk8CYEFUd9jjtHvV4Owg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7tPDhgJfmFzB3L_pHN8vc0hXn6O_gBlVswL4di1ge9CgTKVg73fMjPeQb_lrw-dQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FYpW0mALAr8CWnxTeCXb517hprG2k48YwP-LP3vlbm4W_AWRwrHbGhqXVuwzj5DRpzkLz9Xlks7tPDhgJfmFzB3L_pHN8vc0hXn6O_gBlVswL4di1ge9CgTKVg73fMjPeQb_lrw-dQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C443
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEOjzdhtvWyShYskiTBYoS88&google_cver=1&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gm...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOjzdhtvWyShYskiTBYoS88&google_cver=1&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4Bi7go6UTiCpll54hA0-Xg&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0q...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4Bi7go6UTiCpll54hA0-Xg&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gmnrLtfBnvDo5M-qd9zHi1lf1-gJnhjp7Qw8cTdAZ8eMs8XqlBQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=4Bi7go6UTiCpll54hA0-Xg&google_push=ASkJ3Fa72FlA5nQQ7QlvDo6nPw0tPjXYbT9IfrXX0rqED1wNpkA33tSttac3KEfimQX7eOzxEwko4C4azcwdL0qL0P01gmnrLtfBnvDo5M-qd9zHi1lf1-gJnhjp7Qw8cTdAZ8eMs8XqlBQ
access-control-allow-origin
*
date
Thu, 10 Nov 2022 17:46:08 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame C443
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlaL7covlvcFYhQkuyKFMDgmCg9vZZHKXv_j_vZ7MTywX6TX7ECWx02bVbJ2X2D5HAdKwA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame EB6D
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da7e85d96b2d6028e896d186dfb334cdc5933e7e4e1611e42fd8cccdf734b83e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11041
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4CD4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
Thu, 10 Nov 2022 17:46:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 30BE
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F14210&adk=2180255949&adf=3653028389&pi=t.ma~as.2784%2F14210&w=300&lmt=1668102367&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102367064&bpp=21&bdt=106&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&correlator=2130956270867&frm=23&ife=1&pv=2&ga_vid=268333393.1668102367&ga_sid=1668102367&ga_hid=2116745664&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=1208642420&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070762%2C31070830%2C44770880%2C44775016%2C44777949&oid=2&pvsid=1636819359330793&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nf6bov2vu0t&fsb=1&dtd=169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:55:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EB6D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 17:46:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A14
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
461
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:38:27 GMT
expires
Fri, 10 Nov 2023 17:38:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C63
783 B
538 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
088ff379a240a7fa556491d159810284a17c769074e9eafc98621fd7b5db4335
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z9yUQ7uHV8mO7kGBQ_x5wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
516
content-security-policy
script-src 'report-sample' 'nonce-z9yUQ7uHV8mO7kGBQ_x5wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
Thu, 10 Nov 2022 17:46:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C63
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=1636819359330793&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 3A14
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:55:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 3A14
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OCkR-w
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame FE9E
975 B
812 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5144
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vO7kOP9DK2OGC2tFpJ4%2BhoJTMVpzCrAgCtYtGOWzD4BS3fOfsI4t6ps01le%2Fs78cWiQl36rGj9eZczCDx5%2Bxer32FtsA4Xa3QMIaVsawkelV1FIeK1yMYO5F953Mz7tOJcmso2Bqs8rUMEV4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76809b1d9b1b9b95-FRA
idRequest
sync.aralego.com/ Frame FE9E
46 B
486 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
beac122a4e7155b3ebdba2799ddc76ae650f5de652175fb710f404b49ce84f45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame FE9E
552 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FoQ84A&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.050422238017295395&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
x-width
300
x-height
250
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-sspid
b6437220-4223-3457-896a-4562727c7dbb
x-adtype
html
connection
close
content-length
552
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
521781
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8FF8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HK5f_XxWZTJkQy93ZHM1dGN1a0MxUzNnbllVL1plQjFNaFBZTGpRdEQzV1M4MXJGRWZobFZ3VFRNQ2g2bnVaVWhpZm9VVUR4aHBMczBRR3ZVZXZ2azZySDZ5NDcrYTNGOHhTSEtLcnVKdmFhYUpKVTVNcmhXeUxNUWs4Ml...
424 B
695 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=HK5f_XxWZTJkQy93ZHM1dGN1a0MxUzNnbllVL1plQjFNaFBZTGpRdEQzV1M4MXJGRWZobFZ3VFRNQ2g2bnVaVWhpZm9VVUR4aHBMczBRR3ZVZXZ2azZySDZ5NDcrYTNGOHhTSEtLcnVKdmFhYUpKVTVNcmhXeUxNUWs4MlA5T1krbkxVaFE5em16aVkzbFhMNE5DUEptK05CK0s1TkphWTNySUplYW5IVW5jZWhCQzV0SFZhT09XRkluNG1wUDc3dDgrRTM0TWE1ZW8reGZVMTh2aW5CRVFvMVArUHRreWwzc1hWcGZ4NlNrUDIxMzVabGp3bEFZWGJzcVJ3ODkrbVF0d3dibUg4YXUrejdkNHJid0VMK1F2NDR6NDIyVW9sMGhBeDhGaGExelN2b2JEWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
edb895d4e9b582b4c40ba418883712cf97ce8db09b4850f59744e585924cf221
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1937087
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=HK5f_XxWZTJkQy93ZHM1dGN1a0MxUzNnbllVL1plQjFNaFBZTGpRdEQzV1M4MXJGRWZobFZ3VFRNQ2g2bnVaVWhpZm9VVUR4aHBMczBRR3ZVZXZ2azZySDZ5NDcrYTNGOHhTSEtLcnVKdmFhYUpKVTVNcmhXeUxNUWs4MlA5T1krbkxVaFE5em16aVkzbFhMNE5DUEptK05CK0s1TkphWTNySUplYW5IVW5jZWhCQzV0SFZhT09XRkluNG1wUDc3dDgrRTM0TWE1ZW8reGZVMTh2aW5CRVFvMVArUHRreWwzc1hWcGZ4NlNrUDIxMzVabGp3bEFZWGJzcVJ3ODkrbVF0d3dibUg4YXUrejdkNHJid0VMK1F2NDR6NDIyVW9sMGhBeDhGaGExelN2b2JEWT18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
585929
content-length
0
expires
0
idSync
sync.aralego.com/ Frame 8FF8
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame 8FF8
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=HK5f_XxWZTJkQy93ZHM1dGN1a0MxUzNnbllVL1plQjFNaFBZTGpRdEQzV1M4MXJGRWZobFZ3VFRNQ2g2bnVaVWhpZm9VVUR4aHBMczBRR3ZVZXZ2azZySDZ5NDcrYTNGOHhTSEtLcnVKdmFhYUpKVTVNcmhXeUxNUWs4MlA5T1krbkxVaFE5em16aVkzbFhMNE5DUEptK05CK0s1TkphWTNySUplYW5IVW5jZWhCQzV0SFZhT09XRkluNG1wUDc3dDgrRTM0TWE1ZW8reGZVMTh2aW5CRVFvMVArUHRreWwzc1hWcGZ4NlNrUDIxMzVabGp3bEFZWGJzcVJ3ODkrbVF0d3dibUg4YXUrejdkNHJid0VMK1F2NDR6NDIyVW9sMGhBeDhGaGExelN2b2JEWT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
444766
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 23DD
714 B
769 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
5191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76809b1f5f239b95-FRA
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 17:46:09 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmFippddBugtI%2BS3PpttFHOT9koe7iURZTl3Ce62IWOCSKJgAjrkE9D1eFCcnN2WH2AhzPZXc9RqVxDKUsgyERyBGa1oBeWxNpPTtFGcHRf1U3MOaoKs7ndHlLF9fX6szIdB1eBRzVl0XcErtg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame FE9E
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 23DD
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612c8506974aeed3d175a4043ccd32b682e10a1672e94c4be47683daeb499d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1389 / 906 of 1000 / last-modified: 1668081871"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 17:46:09 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
530397
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 132A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Rit2fXxuTUhZSW5MWGcrTkVNdjZXMktXaXhnYzc0aFpENXdYM2crNGlXcS9CQnIxL0VqQnU1NXpUZlY4c055UTg2ekZ6S3BoVUtyM0E0YnNhZDJralF3Q0IrdGVLSWZSQmtUYTEyYzFzRlNibHRYTmFHQ0RCazNTZzUrVn...
418 B
708 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Rit2fXxuTUhZSW5MWGcrTkVNdjZXMktXaXhnYzc0aFpENXdYM2crNGlXcS9CQnIxL0VqQnU1NXpUZlY4c055UTg2ekZ6S3BoVUtyM0E0YnNhZDJralF3Q0IrdGVLSWZSQmtUYTEyYzFzRlNibHRYTmFHQ0RCazNTZzUrVnFvSy9uYWQyckpSUldqZUhNV092VGZxM296UXhaaHZxeEZpUHIrUEdpbkVOZEhBL3E0aGM1d2sza3JVdkNUNndvMjU3ZmdMRkF2OUVxTTI0Sm1pZGhNV0EvZmhNOWtjaGNFYjdDOVJBNHZuRWh6eHR6N1JZUlcwSDAwcy9KdjlsMUpNK3ZMNU9jZDdiT3lyUlhuaFE5U2xHT3lvY1JhMjFIL2xUOEFERjhCblYyaTJ3SEtGMD18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d80e636a34026be07d19466eea9314ea5848ac51ba1e2264f3482ee004573aec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1005943
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=Rit2fXxuTUhZSW5MWGcrTkVNdjZXMktXaXhnYzc0aFpENXdYM2crNGlXcS9CQnIxL0VqQnU1NXpUZlY4c055UTg2ekZ6S3BoVUtyM0E0YnNhZDJralF3Q0IrdGVLSWZSQmtUYTEyYzFzRlNibHRYTmFHQ0RCazNTZzUrVnFvSy9uYWQyckpSUldqZUhNV092VGZxM296UXhaaHZxeEZpUHIrUEdpbkVOZEhBL3E0aGM1d2sza3JVdkNUNndvMjU3ZmdMRkF2OUVxTTI0Sm1pZGhNV0EvZmhNOWtjaGNFYjdDOVJBNHZuRWh6eHR6N1JZUlcwSDAwcy9KdjlsMUpNK3ZMNU9jZDdiT3lyUlhuaFE5U2xHT3lvY1JhMjFIL2xUOEFERjhCblYyaTJ3SEtGMD18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
711702
content-length
0
expires
0
idSync
sync.aralego.com/ Frame 132A
35 B
266 B
Image
General
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ft. Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
connection
close
content-length
35
content-type
image/gif
cm
c.holmesmind.com/ Frame 132A
0
13 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Rit2fXxuTUhZSW5MWGcrTkVNdjZXMktXaXhnYzc0aFpENXdYM2crNGlXcS9CQnIxL0VqQnU1NXpUZlY4c055UTg2ekZ6S3BoVUtyM0E0YnNhZDJralF3Q0IrdGVLSWZSQmtUYTEyYzFzRlNibHRYTmFHQ0RCazNTZzUrVnFvSy9uYWQyckpSUldqZUhNV092VGZxM296UXhaaHZxeEZpUHIrUEdpbkVOZEhBL3E0aGM1d2sza3JVdkNUNndvMjU3ZmdMRkF2OUVxTTI0Sm1pZGhNV0EvZmhNOWtjaGNFYjdDOVJBNHZuRWh6eHR6N1JZUlcwSDAwcy9KdjlsMUpNK3ZMNU9jZDdiT3lyUlhuaFE5U2xHT3lvY1JhMjFIL2xUOEFERjhCblYyaTJ3SEtGMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 17:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
494757
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A2C0
121 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a5cf32b1e4c6a1cd4583ad1cd1b6963efeeac98e985698fda19c0824b2fb4f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39919
x-xss-protection
0
server
cafe
etag
6187497077590845470
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 17:46:09 GMT
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ Frame 23DD
380 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 17:30:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA31
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDek0zEbOM3-V_X4GzaqutrM1pWYIHFdU7WcLX1lWBYaORVhimj6RCSATB2GQVGchlFd4XHot4rkd4oeuFd6dGWw5xpP54NufDZYYI-hjOo1ZMYRYzLDoliMfH3J9Ex4g_Ie7U2w&sai=AMfl-YSmO1guah3z1rCKQch_3k78TCS00kNcmLVCaDg0UvDUP77HJnzI17b_JOVsJ9QN99sckYSIiVrCeMEDq7yiPbE7T7tpJy3FpSzOEA&sig=Cg0ArKJSzIOPxOXxkTGGEAE&cid=CAQSKQDq26N9wzz6ueqCadAi_mHt3EuPHfCnxdLVYS-IeNsQXkt4JsrH_WDhGAEgEw&id=lidar2&mcvt=1011&p=0,0,250,300&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2180255949&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668102367236&rpt=1098&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EB6D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=1636819359330793&bg=!6Oul66_NAAbvMpMzzzI7ACkAdvg8Wv6uCfPlY_8ghBlN3lhUa4MJWiTpeV83sB1-uus5QQnoppj-wQIAAAB4UgAAAARoAQcKALiCGVRqLDzxsNjn73ug0sks0EJAeePNx6cTVY0k-9ebXFfbLkCwC5PwTXAR-VDHyzBYChEqa5PFrGOn25YAijLP6Q2nOelWAzuCrksOoyaWI9FNkTAe1Nc3pz4JKJQ76eZtYELpp_1taTKUdRzNj2auAJ0YnAiAkRfHe-Qsrv5H0lGRglIxqIIok3oRLGEi2A-f8d3qEprRt1n3EckjTxB_P8asFKhYK3bshJIVKlR0eyOraD74OsMOmQK1etlOfPb4lsDRoyUuj_4r1pdyKmFXswNTVycyo8ufOVEv4pRlUDlGJ8h8qOllF6SoFkanRXIWd2SWjtsQ1ebw3UcVhDDU0mnsTnMOVKNF22P9bXh3ex2c-LsZm5mAa9KM_EjY2RDqHsyzwiz8D16qhQb9_WjvF_AQsVT1_CKu-1j09B2D4FMnWv8V4v3cb6Ck35vGUz5JF0Q6U40XwxVSBa_-J41WcMUFA7WJypXz9LvLQIfwrXXEEVbWaSpk7D4jdwcN24glr69I1HBmUQBji516mAOSlkP6kXNlpzE1QjP_NBPDbMn5KMCGs14uRRXSYNwagdmP7OSyNMe7mBtJ2OGNroUN9LzUsiTuRL9jKXZfJVrgz7dGtLC9XTCO5hggy4o1V3hFYElq2zj36VXJG7kmwfHfEt6SqMkI_qb_0DlWaTFzrLsg5Fc9TVKOnUv5yBn6de7ovZtpPzmKLz0dZacsl1YOHL7b4G_rVMUQ2G_B1xO_It-WAnFfRgK37Vw-ECd9DBAdiFHBex_IrzDUkT-OzJ9v8GsE_JoX2Df2wm_HxlnjrhPo2PMOan3nex0VwGAw9uQYUcUrmHrnXUgNcLnm4mzrlONvOp5TOOUW2iRzlUTCwWbCUpMrIO71RVRIuE4NAMXuK9ENgz3J6XQYBXOJdaaAOZwcH04Y_fVaVKy4WNG73VJ3i8GHEbLe3NepECwdxUIXaDMSD70_Qt4qKaMDP4qb5TGg9Gwyw8KEu1iypQuZTdKgNSPgMD5UbqO6io_J4fqt9kgelS116e55gUx-Nmyw1LQm1mNHW0jUShuBBEECRz4F8bHiANiHbJGMsy1Oj_SeABUI90eo9o0uSxupoVh96M3AxZYVxlyeNzjVnO2acPxDHxkt-AZPH0qNhRQQ5PbdIpz9CGka2mFxm8Or6XUR
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/ Frame A2C0
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a4b5a272a61e5e8516add5a69c6b68e1590bf5740a5421d0c5c6b13cc22b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119497
x-xss-protection
0
server
cafe
etag
16180257573862015485
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 17:46:09 GMT
integrator.js
adservice.google.de/adsid/ Frame 23DD
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 23DD
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 23DD
492 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1592496214425896&correlator=101740364099385&eid=31070746%2C31070738&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668102369465&lmt=1644386353&dlt=1668102369197&idt=222&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=b9v11u14vl8w&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1777838791.1668102369&ga_sid=1668102369&ga_hid=518902584&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9351861542d4e20885eb1ef96bd6ff32457cb00df4c6a6d98e35b1ee032a12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
76bbabe18e3f8cd74c2bfbaa64dcf46e.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 8C70
6 KB
3 KB
Document
General
Full URL
https://76bbabe18e3f8cd74c2bfbaa64dcf46e.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=5&v=1-0-40
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:09 GMT
expires
Fri, 10 Nov 2023 17:46:09 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame A2C0
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A2C0
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A2C0
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E6D
87 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7f0cbbe0d123d3a4e53fae8c5795aa49c2fcaf5ac9c05f8e2f3f7099e3a5692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
27937
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 23DD
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
749387dbeebc506e41a240517782c0ee983f181fcf414d53a1e7d5303e8f03e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11153
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 23DD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 17:46:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B043
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:38:27 GMT
expires
Fri, 10 Nov 2023 17:38:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DD3
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
827f1a4a9ea547d06d4dec7ff02155f5d390570fceb7fa51b92c650b7b958759
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TSMv8HyxUUWsxlMyws5F_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-TSMv8HyxUUWsxlMyws5F_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:09 GMT
expires
Thu, 10 Nov 2022 17:46:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=1592496214425896&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame B043
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:55:48 GMT
generate_204
tpc.googlesyndication.com/ Frame B043
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8obHNw
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 23DD
0
0
Image
General
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame 2E6D
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 16:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 17:46:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 2E6D
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
85241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:05:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame 2E6D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:00:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
85565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9353
x-xss-protection
0
server
cafe
etag
2177555007986509113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:00:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 2E6D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 14:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
13094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 14:07:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 2E6D
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:00:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
85565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:00:05 GMT
l
www.google.com/ads/measurement/ Frame 2E6D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZak4mX9npzswsmQU8ADzuqVcwvcBlBHmy6etUzr75OfXcU7IKI9BRBCIq5kzL0Z8UaFlx8SGFYk-HmFRccMMWUXyWuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E6D
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 17:46:10 GMT
0d3fd3b530a886383bd6b91513e5ed38.js
www.gstatic.com/mysidia/ Frame 2E6D
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 12:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14033
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 20:40:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 12:55:04 GMT
truncated
/ Frame 2E6D
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 2E6D
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
107 KB
107 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4091503581208051288
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:52:46 GMT
x-content-type-options
nosniff
age
82404
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109931
x-xss-protection
0
last-modified
Wed, 23 Oct 2019 12:45:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 Nov 2023 18:52:46 GMT

Redirect headers

date
Thu, 10 Nov 2022 08:06:41 GMT
x-content-type-options
nosniff
server
cafe
age
34769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 08:06:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7776
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 14:17:40 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 14:17:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2E6D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94d36c0ba3f5fff4cdd449e1fb1566589462c957658838e59395d78dc0081d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7776
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO4fAixkoMoCZM_rkAOkyR0&google_cver=1&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNBBa...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNB...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNBBakF_6_hx-4imlHy76irI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzg5ODM5ODY4MDg5NDM3OTYyMQ&google_push=ASkJ3FafjoVux2Q3t-PJ5awMGTbKcmqJK5nRS6pXNPjWydvFi-BW-fr4bW-i0YEhhibss7kUIqOvNBBakF_6_hx-4imlHy76irI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7776
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPss6hhPOWJTldY2zj0ihaxbaqZoWY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E6D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 20:10:25 GMT
x-content-type-options
nosniff
age
77745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 20:10:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A2C0
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3fa4b9f81a059c7fbfaa8e521d52d1b163e24769adceee9922c6771e8838bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10993
x-xss-protection
0
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame FCBE
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242782&pi=t.ma~as.2784%2F13801&w=300&lmt=1668102369&url=https%3A%2F%2Freurl.cc%2FoQ84A&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668102369366&bpp=22&bdt=479&idt=140&shv=r20221108&mjsv=m202211080101&ptt=5&saldr=sa&cookie=ID%3D9c698d803120f1e0-22439a8e6fce0000%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q&gpic=UID%3D00000b7f8fd42883%3AT%3D1668102367%3ART%3D1668102367%3AS%3DALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ&correlator=2130956270867&frm=23&ife=1&pv=1&ga_vid=1405581982.1668102370&ga_sid=1668102370&ga_hid=348471352&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=792525513&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C44760911%2C31070763%2C31070830%2C44770881%2C44774605%2C44775016%2C44777948&oid=2&pvsid=1647827467651823&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2l71bgtbatht&fsb=1&dtd=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:55:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A2C0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31070830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 17:46:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C385
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:38:27 GMT
expires
Fri, 10 Nov 2023 17:38:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CA7D
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0df53e7b846798fa4b54ae57bbe53c5f7d22ff9f63e7e49be16509a396ac35c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0X5QpvbEPO7j_kKupZ6Uig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-0X5QpvbEPO7j_kKupZ6Uig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 17:46:10 GMT
expires
Thu, 10 Nov 2022 17:46:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame C385
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16085
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 00:55:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CA7D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=1647827467651823&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame C385
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?gii5eA
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 17:46:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A2C0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221108&jk=1647827467651823&bg=!Z2SlZCDNAAbvMpMzzzI7ACkAdvg8WtAqu4p6JPQjUmV4LhnT5Gj8l5A3ZhmVn8aoUzS03xwoFeWoxgIAAABeUgAAAAJoAQeZAvXtta8OU9ygb5COnqx5CP_iZKXMCPXyVEv7NuvqDaQBRspV3VxrQ5n3gB0PZyKH124vN8GtAsqddA6tt_lNZwVPrdFC18P217LaavtAfUCzwyuelTAjXcYe2FSKs5VGe99GsuuoOFRkP7m2x61ang6qn4vDpUwyoGYJW8gbyWSO0pN1svXiLPn2WxG4KOfVHepiRlSUzbcQBa7cglMhX-3HKQjnn0wtm6LtJxqe2xKL0AhHOZI6bvH59YdDQmey7KQYk5WD3LNW9e3j87KX2CBVCsspLHP_L5GyXtCK6DuwKGax3IphyHfZgsTKktiaGwDxzXFzNoOjksHbIrZaRMVWeZDwwJ8KxHFcvA_Wk7sDQPPmtEKPD8HY-Ml_OC16ekMfLkoL4FcCaRm3ZOV1IfDhsqzEYHj_ETzGJiy5n8K2K8pY6a6zf286uTW7ynJxvZ2B8zRatDSFY_nP-mlRYMIYwTr3-ulUmE5glniwHTsKWysYIy8k26h8_dQW0Smbb-aQGmreitoJVI1Szo87Gr1SMzZGKP2WiSpp7R8O5qyxAEPKd_j7NBx68NJ_pTAEMQNSjBkS0qkVc-PitJxe4MXjOhP96PSy3JmzNpo1iuj0-vbjmoh9ns6ivwXL3YA9t0r_3y5N7NCDg3XKUw7-FyOZnkK_h-Y8eFQFLzyFtJTgJ1W4Wfy79X_pkGY_b0q5gieceVtv7peBz0djeruuGmQwywhtmaewUMZwfRvY4Oa2fC6u7gSIvsrKrpa4CAmLdhngOwOL4pLWdRS7ssA55lVgoslxlaK9GoBd9CN7RAkmVLyKQKNt3WSTyORGIjYYTSwWjhB9fhej7ujObI2xVVFunjUATJdQb05W5z5oLV4S5CWIxT0NjDc5gcM_tyY-M-EPMYHqe0AqmBcX2IAjpBMegEX8sTT2QF0JecZi1UQ095Y2MY2H2XmhEAXtuc-nOjzNwFv2NEAoBfqF9dZu6LwfRrcei6JzTRQMMwneNOYa6ycJ_ax1
Requested by
Host: reurl.cc
URL: https://reurl.cc/oQ84A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 2E6D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH51jQp7b68kNijHxr8HzgtpeBqmvd8fAHPO75SHhp8xIdCn1UlQ9HbuGZ5tegCOj1vAreNfh_VU3UisRHb-lY4FzahdmjwdrPYsNerE8g2ftlSXtbTBdlQl_rWYQoRBC-qRVSKnaPYdwl5mET5XIwjXbO-X8T6GFx&sai=AMfl-YS_22XjSZu_Sd8gXUOXUMQQiFJC9H_KRROXyDXKnrsYXmSitVgtKIBl3rPH9gQWYwYZLhmphnzYYkPySFadHyKTHpBQ91YT5vBLEnnSkqzdlvdei41MZP3TefAvOgE&sig=Cg0ArKJSzCgsCJXbQGCGEAE&cid=CAQSPADq26N9Ce2sIEf0101aXI6Z94GEjfNUUIXwNp-qhrUJrtOUKJeBNAjPEiXjxhhUJegmJCMgAcnnDTkpgBgBIBM&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668102369528&rpt=1070&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 17:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&CFFPCKUUID=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&url=https%3A%2F%2Freurl.cc%2FoQ84A&maindomain=reurl.cc
Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&CFFPCKUUID=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&url=https%3A%2F%2Freurl.cc%2FoQ84A&maindomain=reurl.cc
Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&CFFPCKUUID=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&url=https%3A%2F%2Freurl.cc%2FoQ84A&maindomain=reurl.cc
Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&CFFPCKUUID=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&url=https%3A%2F%2Freurl.cc%2FoQ84A&maindomain=reurl.cc
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
fp.holmesmind.com
URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1386-yJqUY3forauenp1GxaMiS8tR0cg7R616&CFFPCKUUID=4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF&url=https%3A%2F%2Freurl.cc%2FoQ84A&maindomain=reurl.cc


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| Vue object| renews function| getRenewsFeeds object| app object| SD object| device function| sitemajiDebugger object| Scupioads function| hasOwnProperty object| scupiosdk number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| ElandTracker function| stfpjs function| cookie_mapping object| criteo_syncframe_state object| hitag object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

45 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1668102364548.796692624
reurl.cc/ Name: CFFPCKUUID
Value: 4800-SLN67yXtUFweBMHrfmiCyD8G3oyIDJuF
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 1386-yJqUY3forauenp1GxaMiS8tR0cg7R616
.holmesmind.com/ Name: P
Value: 371177-i8BVm9psy7kYfiZU3Y2EibcRfk2Q49lm
.holmesmind.com/ Name: Vision
Value: 20221111-23:59,20221111-04,20221111-04,20221111-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.prnasia.com/ Name: __cf_bm
Value: aisNvfA8B_5mYC47X1ETh0TJy84hMn12LtvNVQtt.M4-1668102365-0-AQlCcd6+vKcqCM1BNadZpaUbzMAh8sGdPYf5cOCAsISy+9Uk0sM8/D3r6TobDs6WB+ywlzyyZpK/vzsNicJJT7o=
.hinet.net/ Name: uuid
Value: 0cc424a7-22e2-4410-9761-81507f03335d
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.reurl.cc/ Name: _ht_a546ca
Value: 1
.c.appier.net/ Name: _auid
Value: 8vD6wGPFCsihbFEC3jhtYw
.holmesmind.com/ Name: fcm
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmUSvrPkdmRU3lr0SlZ6jBmg7xZOiiwervNUl-QgNe79tyGLKC8bxz6wBJ0-4g
.criteo.com/ Name: uid
Value: d2d8982e-b724-44b6-8341-3587ac27d034
.scupio.com/ Name: fxc
Value: 1
.reurl.cc/ Name: __gads
Value: ID=9c698d803120f1e0-22439a8e6fce0000:T=1668102367:RT=1668102367:S=ALNI_MYsLw_BtfMxsT7HPR8gVcRlXOCH_Q
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/ Name: __gpi
Value: UID=00000b7f8fd42883:T=1668102367:RT=1668102367:S=ALNI_Ma3BlaaMvb-wdBZ95pQpwoupQE-MQ
.scupio.com/ Name: gx
Value: H4sIAF%2bpbWMA%2fxNmYGDg4uZYtvbIivWXF1oLsAqxcNgLMAEAoq34fhcAAAA%3d
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: b6437220-4223-3457-896a-4562727c7dbb
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: __htid
Value: 0cc424a7-22e2-4410-9761-81507f03335d
.turn.com/ Name: uid
Value: 4330870279648372198
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 249750419b2af926
.mathtag.com/ Name: uuid
Value: 5d0e636d-38e0-4900-a0ef-2542b0328e18
.mathtag.com/ Name: mt_mop
Value: 4:1668102368
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0fdfa0b4-67fc-4039-6453-aa150fe014b3.3e%2F1xupPgukQbJlZxyv3R936EyoZJG7pvW883CGV6g8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AD9-gtGf8QDlkU6oVD-AUs1FfBSY.bCaUrNCMzluFjgiQDlp23nfsPnWhKbDWTU3mKqEdwAk
.w55c.net/ Name: wfivefivec
Value: blDZOHAb1OTbCU5
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.6979396812593347165
.360yield.com/ Name: tuuid
Value: e018bb82-8e94-4e20-a996-5e78840d3e5e
.360yield.com/ Name: tuuid_lu
Value: 1668102368
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 3898398680894379621
.doubleclick.net/ Name: DSID
Value: NO_DATA
.scupio.com/ Name: gxc
Value: 1
.scupio.com/ Name: OrgKeyValue
Value: CPA20221111014607178982
.tribalfusion.com/ Name: ANON_ID
Value: asnseFxZduB7RApTrruFbQd6X7NpvR6hitQY9ZanZbGgxxKUIPSXnRrpXB0qwdpDXmM5SKYUB2tdf5ZdbGxZaeVGn
.aralego.com/ Name: euconsent-v2
Value:

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
