reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/1eNxG8
Effective URL:
https://reurl.cc/1eNxG8
Submission: On May 12 via manual (May 12th 2023, 6:39:43 pm UTC) from FR — Scanned from FR

Summary HTTP 525 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 70 IPs in 7 countries across 41 domains to perform 525 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 260085.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.55 151.101.65.55	54113 (FASTLY) (FASTLY)
22	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
96	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
25	13.32.99.37 13.32.99.37	16509 (AMAZON-02) (AMAZON-02)
31	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	203.69.60.97 203.69.60.97	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f08e:219:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f08e:3:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	13.113.235.121 13.113.235.121	16509 (AMAZON-02) (AMAZON-02)
3	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
4	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.135 192.0.78.135	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.185.136.122 35.185.136.122	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
1	35.227.194.51 35.227.194.51	15169 (GOOGLE) (GOOGLE)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	65.9.66.101 65.9.66.101	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.89.50 143.204.89.50	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
21	2600:9000:223... 2600:9000:223c:aa00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.39 143.204.215.39	16509 (AMAZON-02) (AMAZON-02)
3	35.79.93.246 35.79.93.246	16509 (AMAZON-02) (AMAZON-02)
2 6	203.69.60.96 203.69.60.96	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	35.73.17.156 35.73.17.156	16509 (AMAZON-02) (AMAZON-02)
3	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 7	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:9000:225... 2600:9000:2250:b800:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.110 13.32.99.110	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 4	139.162.78.222 139.162.78.222	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 10	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
65	34.204.114.221 34.204.114.221	14618 (AMAZON-AES) (AMAZON-AES)
27	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 3	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
1 8	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	2607:f8b0:400... 2607:f8b0:400d:c0f::5e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:ba61:0:1... 2a00:ba61:0:126::c	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
525	70

7 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.32.99.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-37.fra60.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.69.60.97 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-97.hinet-ip.hinet.net

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f08e:219:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

scontent-cdg4-3.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f08e:3:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

scontent-cdg4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.113.235.121 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.59.219.34 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Hagerstown, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.194.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.194.227.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-101.fra56.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-50.fra50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:223c:aa00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-39.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.79.93.246 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-93-246.ap-northeast-1.compute.amazonaws.com

referer-log.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.69.60.96 (New Taipei, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-96.hinet-ip.hinet.net

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.73.17.156 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:b800:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-110.fra60.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.162.78.222 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::d (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 34.204.114.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-114-221.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.211.47 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.96.203.13 (Fort Scott, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)

rr1---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 40227 go.trvdp.com — Cisco Umbrella Rank: 31976 s.trvdp.com — Cisco Umbrella Rank: 32777 p.trvdp.com — Cisco Umbrella Rank: 26773	149 KB
68	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 pubads.g.doubleclick.net — Cisco Umbrella Rank: 425 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	684 KB
54	googlesyndication.com 3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com 6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com	233 KB
49	holmesmind.com 2 redirects ad.holmesmind.com — Cisco Umbrella Rank: 111204 cdn.holmesmind.com — Cisco Umbrella Rank: 147386 referer-log.holmesmind.com — Cisco Umbrella Rank: 161916 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 148529 fcm.holmesmind.com — Cisco Umbrella Rank: 171551 c.holmesmind.com — Cisco Umbrella Rank: 116196 adcdn.holmesmind.com — Cisco Umbrella Rank: 156309 m.holmesmind.com — Cisco Umbrella Rank: 306709	196 KB
41	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	7 KB
38	scupio.com 2 redirects img.scupio.com — Cisco Umbrella Rank: 81990 bw.scupio.com — Cisco Umbrella Rank: 155485 prebid.scupio.com — Cisco Umbrella Rank: 80240 rec.scupio.com — Cisco Umbrella Rank: 107415	496 KB
35	google.fr www.google.fr — Cisco Umbrella Rank: 15361 adservice.google.fr — Cisco Umbrella Rank: 35780	5 KB
30	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 744 scontent-cdg4-3.xx.fbcdn.net — Cisco Umbrella Rank: 22268 scontent-cdg4-1.xx.fbcdn.net — Cisco Umbrella Rank: 23729	555 KB
22	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 74883 6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net	21 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 375	435 KB
17	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 733 gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2429	23 KB
12	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111 eus.rubiconproject.com — Cisco Umbrella Rank: 589 token.rubiconproject.com — Cisco Umbrella Rank: 600	34 KB
12	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 43446 gocm.c.appier.net — Cisco Umbrella Rank: 2315	2 KB
10	aralego.com 1 redirects hb.aralego.com — Cisco Umbrella Rank: 31343 sync.aralego.com — Cisco Umbrella Rank: 2738 ads.aralego.com — Cisco Umbrella Rank: 28405	4 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 imasdk.googleapis.com — Cisco Umbrella Rank: 468 fonts.googleapis.com — Cisco Umbrella Rank: 50	602 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com	16 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	30 KB
7	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 260085	6 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	123 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 12981	41 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	158 KB
3	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19178	523 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	70 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 28994	14 KB
2	re-news.tw storage.re-news.tw re-news.tw	31 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	57 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 85
1	googlevideo.com rr1---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 424353	3 MB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	17 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 20527	713 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3706	488 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5465	331 KB
1	rayskyinvest.com www.rayskyinvest.com	31 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	gbyhn.com.tw img.gbyhn.com.tw	663 KB
1	creditcards.com.tw creditcards.com.tw	65 KB
1	prnasia.com mma.prnasia.com	12 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 106230	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	82 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20490	31 KB
525	41

	Domain	Requested by
65	p.trvdp.com	reurl.cc
34	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
34	adservice.google.fr	securepubads.g.doubleclick.net imasdk.googleapis.com
32	pubads.g.doubleclick.net	imasdk.googleapis.com
28	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
27	pagead2.googlesyndication.com	www.googletagservices.com reurl.cc securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
26	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net www.googletagservices.com cdn.aralego.net ads.aralego.com
25	img.scupio.com	reurl.cc img.scupio.com rec.scupio.com ajax.googleapis.com
23	tpc.googlesyndication.com	reurl.cc securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
21	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
20	cdn.ampproject.org	securepubads.g.doubleclick.net
18	t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
10	gum.criteo.com	3 redirects static.criteo.net img.scupio.com
8	ad2.apx.appier.net	4 redirects reurl.cc
7	c.holmesmind.com	2 redirects cdn.holmesmind.com reurl.cc img.scupio.com
7	www.google.com	1 redirects reurl.cc tpc.googlesyndication.com
7	www.facebook.com	reurl.cc static.xx.fbcdn.net img.scupio.com
7	reurl.cc	1 redirects reurl.cc
6	csi.gstatic.com	imasdk.googleapis.com
6	sync.aralego.com	img.scupio.com reurl.cc ads.aralego.com
6	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com reurl.cc
6	googleads.g.doubleclick.net	reurl.cc
6	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
6	rec.scupio.com	2 redirects img.scupio.com ajax.googleapis.com
5	ad.holmesmind.com	img.scupio.com cdn.holmesmind.com
4	static.criteo.net	img.scupio.com static.criteo.net cdn.holmesmind.com
4	gocm.c.appier.net	4 redirects
4	6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
4	bidder.criteo.com	img.scupio.com static.criteo.net
4	ajax.googleapis.com	img.scupio.com rec.scupio.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
3	cdn.aralego.net	reurl.cc ads.aralego.com
3	cm.g.doubleclick.net	3 redirects
3	token.rubiconproject.com	eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
3	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
3	mug.criteo.com	reurl.cc
3	adcdn.holmesmind.com	cdn.holmesmind.com
3	fcm.holmesmind.com	cdn.holmesmind.com
3	referer-log.holmesmind.com	cdn.holmesmind.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	prebid-asia.creativecdn.com	img.scupio.com cdn.holmesmind.com
3	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
3	www.google-analytics.com	reurl.cc www.google-analytics.com
3	connect.facebook.net	reurl.cc connect.facebook.net
2	ads.aralego.com	1 redirects ads.aralego.com
2	fonts.googleapis.com	reurl.cc
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	hb.aralego.com	img.scupio.com
2	cdn.jsdelivr.net	reurl.cc
1	www.youtube.com
1	rr1---sn-apaapm4g-apae.googlevideo.com
1	c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	m.holmesmind.com	cdn.holmesmind.com
1	s0.2mdn.net	imasdk.googleapis.com
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	re-news.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.fr	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	scontent-cdg4-1.xx.fbcdn.net	www.facebook.com
1	scontent-cdg4-3.xx.fbcdn.net	www.facebook.com
1	region1.google-analytics.com	www.googletagmanager.com
1	storage.re-news.tw	reurl.cc
1	ad.sitemaji.com	reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
525	80

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
anymind360.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-19` - `2023-05-20`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
tls.automattic.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
re-news.tw R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.gbyhn.com.tw GTS CA 1P5	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-05-02` - `2023-07-11`	2 months	crt.sh

This page contains 55 frames:

Primary Page: https://reurl.cc/1eNxG8
Frame ID: 18038EEDD96180898596E98CC5CCBC52
Requests: 187 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: BA9B55C8872D034B44777A867883EC9B
Requests: 36 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: AAD00CA76E44B1079A37DF378A16AA6B
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: ADCC376AB5C2986AEAB384E9D381D55F
Requests: 15 HTTP requests in this frame

Frame: https://3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EEF1A77BC47DA954EE87E7C03DCCDCCC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst95CymrDmmXG0Bt3O_aW14cQgItehchaSXRimluC8tOO0vpK7HsppPnED5NeElPDtRpGai34La-94c23q1YMkdALQWHq4rHc3Hd9Vfc0n6ij1C1clBv75gClQ1GqI0HbMsUuVjCAV0zDKYUqjAtfpUaz_QCNPRmyT8iFYpClzHB_y04TkbPOYryQHed7RlcFWUH9J7lnD8-Lk3M_1enhZapD_QAUtA5tDQcv33zaMkC91B4BnJ_B9nsgLHkZYSxbPbu-Y-Nh6kPVVXrxTUaZ_LKSYuP1FMSXFwTKDmbMHhV_t_AQO_dcCWXfLET-kLKLe6inPJTiR3pGzB-41lq7OKo4g&sai=AMfl-YRwfZzdbTtkwt2-iaFTbeanS-gsKdFl8_I7N_rcKNAjH0tSFA9T2j_bvaJRGAn2KE0Fto31SkL6tKKLPPlboeKKWlwYLATkiTKpfn10veCumPz_l1_z3EEPqRys8wqM2wyjkTO-UgSR2tk3EEoa&sig=Cg0ArKJSzGe67vJ2hJvKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 361E55AD81D98D67BFFF99C6B51DDAEE
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: E3C5B415FAF02C01578F2C3E5AD88F63
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAF0IIFFd17999A_HitWDBMKzICaeQhOVyQkQ19A4P3caWFMDL7j2-tIbU5S_B4O991a33rk5QpfYnLYYm_ucAV1ZeljLI9HWDk_VP7tRte0AJ7i0STWN693tmGx5PA8_ZG2k2DSbEP_zBm0Xbig_gsrsiTuhNuZSNuowQiWDusXk_IXAYjvONqzUHkj3xapIEF3T6s-Ci5rZ0Zjl3iOjmzyV0URfHMR-f3fA9Vw4rdeurZOV_N-zI3iR_ho0sH-Z-W_fx2DNCZy15EmMsuNNcfTvLwA-o28wyZis5OSQ2yZ6_xqttV2l5kXE5dpEkwiiaI1OISaase6lT-61IBZcCJfWjjf9&sai=AMfl-YR-KhW_wN8P76LMYGhFqUuqfxack5nbvUB3vaAz40NamKJ08UdSijmo2zcA5EGjw_r1u4iTx8PvsKpJlbWKOHOwnRq_mQQYX3NgkXWxZ71raa0jzpsc36V20CvsL-YsJSN5SCsSFneUp-LpvZWp&sig=Cg0ArKJSzAYmGFCqmgMUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17C162E2A7F240BAB048A4D04902A788
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 7A47793EE7E70EB946888F60C8C9E59D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoMhGYav3hWJAubO7jrknEMLn-aFQOuC68GrDt_IepM2aR7h7y5cBj9K4uKJG0oGNuJn_3KFwuExXv7amlPblwPrv_MutYbvig31igY_Pqa1iicHdsAQE9DxnOhLPpqHwI0CYjq5oIBflBg5Vi2fQrvVWEjmZ1Dl3sxy3RJLSdsFGMqpGEuBe77Xxgdfoh8q6Nd40Cb5Io46lFA6JoUH9o58qjjlgaSxbihS0sv9Fh3Jq4rPYeTe_FUyUdECZC7pXrlZUUoIgh3Hc-ZqayvnSnyulykoTSkh3dmmfdPtYLTYWFW0-s_LAKyonrfRRzsQFl8VfQhX1wVPo_iVxHHvxVmHFqu7uH&sai=AMfl-YSqKFRgSbtlZvgyc_DEPqkKRgyIcoqn_g34ZD2w-es4nNOCdKEQGBx4AoScFJRphEKVcuOkiBtVKLGzcdlfT4PXnZ9eX2zISdX_jtyk8yTmUmHMVweAIHhv1Do9S35MUswDJ4BLyS4Yd8_iR-JZ&sig=Cg0ArKJSzB-I5AnPw6btEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 72E5F24F825DB5BE5A0A5131A29977A8
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 2896B4F3AC54EE57754316422DC1F7BD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 1CD080EFB14ED1C5385AE8D5E21F1C75
Requests: 10 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 8FB454255247CD679EDB20256E672F35
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 80FF3FFD9251C399E62292CC2CA62870
Requests: 7 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 85B36BB8D935325A4ABB6457C7677A41
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 40C2396EF51EC78EBFB9A5A73C21EC03
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: B56D3B312E8E3E00FDA116AC1A144653
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: B3384C3A0D05A49BC6E494561435A0C0
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 8A157FE4EE8FFD6A6FD44C3E1B80A3BD
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 0B52FFE09C62A7D5848B429938260D28
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: D87F519A4748F2BC78006FB07C9B7143
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 5FE7C28328F4BD711B799DEB7A2741AF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: AC1BE58D6FB91455086EA475AE9BEF0B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: C346E3A1A2F72498BA078C1019209278
Requests: 49 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 58C6A56E0EBE94B5E3E338E95B3A4323
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Frame ID: D4990243B94683719D8FC1B024FA7E25
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: C7AFE2DB97D7139C0884BE3E05AF1955
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EB8F2449BE5AC11F362BA4178179630A
Requests: 9 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: B022542511C23FDC2AF7CC5E9B1D549C
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 21CF41B300DE6E1EAD804CE1E17E202C
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 6E8C854778C35B72AAF134BB5079143B
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
Frame ID: BEAA5E0AAD32BE3E05B4C5EC3ACDBE28
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 1E464B56041244EED639FE7661160C7C
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 97C7F58C97FAC0DAB64FA940068AFF7D
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 5443C54330E8092AFDF0A83EC20E1612
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
Frame ID: E90BC2C554E89DDDA0C6D16594580934
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: C48A46B3937E43DDACA257BFD2A647DC
Requests: 3 HTTP requests in this frame

Frame: https://7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 21A077008D1EDCE237E99CCA4F6F3484
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: D305BE8B784964A46C77C8BDBEF061E4
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D0C89B2869A896741F285329DBDA4F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5E00A0A6BD199E50CF022231AE52384
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: DA29056E2B283FE350532370B90BD5FD
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 62A4C0D2B11835344AB63AE4EB943878
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5BFB957354C118CDD19FCD141DEB1238
Requests: 9 HTTP requests in this frame

Frame: https://6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 5CA2DCA8F9DB825D85160F2B94EFF285
Requests: 1 HTTP requests in this frame

Frame: https://c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 03224CF8FCBCABCE386580592C7B9308
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60D87AE372699C7FCEDADE57E7939C40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1E2E38617E7B6127DAC46DF84A2E3EF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9FE1ADC0F1D5F1775DBF746821B844D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C3BE1E73A31150CDAD69E29920031D3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 0B14BB00ED4D52066E042797294BC1D7
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 4F4D9A7BAF4A41C3A5FEBBBB57975111
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 511059B735F70AB025666BEB08BEA95A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA7D4D4DD8536D6B110EA9DD5366280D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 7021851667DD8B6A9FB7A8A459FA30B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil

Page URL History Show full URLs

http://reurl.cc/1eNxG8 HTTP 301
https://reurl.cc/1eNxG8 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

525
Requests

96 %
HTTPS

49 %
IPv6

41
Domains

80
Subdomains

70
IPs

7
Countries

8616 kB
Transfer

16381 kB
Size

38
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4097500_XG97500_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/233069

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/39261

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/48779

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/98223

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/643372f4ae3afc3372568f7b

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/1eNxG8 HTTP 301
https://reurl.cc/1eNxG8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 148

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 150

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 155

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

Request Chain 178

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Hk4X3HxxSU5LSzFxREJCQ2RrbkVrREV4cndId2svR1V5WE5UMlFmOHpXQXJIN09WZnNvUU9PclBjRjdNUC95YVR5MUlWVkNnemxlRzBpY3ZLSzNZUUlXdHk5QWtFSVM1QU9TQjZyVllHTTNuNkNGVVAxelhhRy9EUkNqbHUrT09oNEFZbk1KcWozMXpJdVk5TnlFS011bW8xWXRWaDhOcWhJR1RzS252eXozZGhQYkdLb29LRXcxcUh4WGNRa1lFcGFxeFh2SUF5cDRJdkRMb2E3UHl3N0Nxa3VmNDNyMjg2djhocUFybUw1aGhUU3JLNEFmeng1Z3BUYVJib3B3M1JNU0RzWVU3YkZtZlpoOE1sWVFJZmZ3R3ZWcHB1RU5sd3hDeHMwbXNGWXNpKzVpbz18&cppv=2

Request Chain 185

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hGAW3XxRRzV5SXBtQU8vc0VsNnZqVE9TTlc2YkhiVkk2RjNwZ1FqUXhGWFVhblZoS3JDdjN2aXI5WkphUlU1RXc4dFFyL25RdElvOE1PQ0FyVGhmSDV3QktPUGJUVUV3Ym9KWUNmbExBV0lzQ0NRUFJRMWZqbXprVGxka3UzYW1CZ2NTOUM0L3llRG9NdC9IQTZxNmpHZFhpVGs2Qi9tTW9VUHlaRU9icVU2RWc2bWZZU2VZSVpsaFdiZ3dMOUppYU5qRlhHUnpEMUF0cytrc3JCV3pmQ1RxUU1UQTNrKzlBT2VTSC9ybkpLcHlXLzl0WFkxNTR1YXZoTGNweWJpaSszQk5sc3hjdS94aDhyeDZyb0t2YzdQZ0NoMGoxT25aaXNFMTRGRm1QWVplczJmQT18&cppv=2

Request Chain 187

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined&google_error=15

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMzA1MTMwMjM5MzA3ODQ3OTA%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15

Request Chain 229

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 232

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

Request Chain 235

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

Request Chain 236

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMzA1MTMwMjM5MzE2MjQxNjE%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15

Request Chain 247

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 316

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 500

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rD8VkHx2WCszelEwSEFJV0l0OG5jS2prYklUNGVEZUNqb3djc1A3Z3hPNDFjQnF2ZDhybUozeFd0MnhrZjdLOFlIUzR2cWpZWDRlWWMrYUk4SUtQMVFTdlJUWml4Vi9aSlBFSXU4VWZnbHRxb1YzTlpVYzRZb2Fzc05YeW9lRjJCVitCNmEzczkrUXovSklLaVlSVUZFTkorVHJZcStpWmdmU25OM2dXVmtNaDBxTmd3VHZKMU5lLy83NFBCVTFHS2J6K25YOFVEK0wwTlFTWGF3MHkyUW5qOWpqbG40VnJCTDhmckVERlZiQndQbjgzWk1GNXlDR2o0NUptM2J2czJkVEllc0Mxbm5Wa1B2V0RMODYvWUU5U2N5UT09fA&cppv=2

525 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1eNxG8 Show response
reurl.cc/
Redirect Chain

http://reurl.cc/1eNxG8
https://reurl.cc/1eNxG8

11 KB
3 KB

867ms
289ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8803f9e3490b2ba4a229876fed8a04b0415032bf855227242b80b6ca6bc06f21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:27 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://sites.google.com/view/securipassagrico/accueil
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Fri, 12 May 2023 18:39:26 GMT
Location: https://reurl.cc/1eNxG8
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
24 KB 83ms
38ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5764974
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA, cache-yyz4557-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tii%2F6aCDesfd9hNnpjeqfw%2Fd%2FxEpLKzRnqgmvGN%2FgaScZw34wv9tdR0lYF36x7%2FGKj4aIsm5673MJvbH8Vr%2FGCzjDlHsPAxJX8G%2FP6HikOx5HSAGWnuDTpxP4H%2B%2FQb%2Fuo2ZaYXTjr4CoIxp2BRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7c64c8d658ab0190-CDG

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 288ms
286ms Stylesheet
text/css 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/1eNxG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sat, 11 May 2024 18:39:27 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 124 KB
31 KB 509ms
21ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Thu, 11 May 2023 09:08:05 GMT
date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 120682
x-guploader-uploadid: ADPycdvH485xlNa7sopbqxhTlp9QVfio6kc7ZlwRfai8GJgsGevwLQVh5Qbo-OIFkUygQx3gL0H7e0IqJcGg8MT4TlQq
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31540
x-served-by: cache-tyo11954-TYO, cache-lcy-eglc8600040-LCY
last-modified: Thu, 20 Apr 2023 06:30:15 GMT
server: UploadServer
x-timer: S1683916768.177208,VS0,VE3
etag: "952e4c8d56156d3e3cc5e40a9b199ed2"
vary: Accept-Encoding
x-goog-generation: 1681972215759031
x-goog-hash: crc32c=h0V3+Q==, md5=lS5MjVYVbT48xeQKmxme0g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 31540
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 1460, 1

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 288ms
287ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/1eNxG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 11 May 2024 18:39:27 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1257ms
292ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 112ms
49ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae0eb1b845a230c95797960ef35b67e243364a04440b56a32cc723c80418badd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 May 2023 18:39:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 185ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bf610146b70bb0bc3bdbb3ff2c0a812a31915d1abfcfe2e60b4398012f6a084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25250
x-xss-protection: 0
server: cafe
etag: 234 / 19489 / 31074558 / config-hash: 17614658845055861683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:28 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 73ms
20ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:48:08 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 46280
etag: W/"5d0b4850-4488"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Sat, 13 May 2023 05:48:08 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
24 KB 105ms
27ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/ad.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:35:09 GMT
last-modified: Wed, 22 Mar 2023 01:19:47 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 264
etag: W/"641a57b3-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: -XUJJl__xALWp2omp920puZMxX5T5-XE4elbh0pbooRodjSkRxyZmQ==
expires: Fri, 12 May 2023 18:50:04 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 76ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6861935
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNxYtLJ2paK9N9nCxVEFbKSAnAWzAt6KtO3Q23kllp1B3iMUjkJs%2BqQVoonF5vPDEcCFoiUEaRHLphAee5JjjDzL3O%2BU76TC4X1b42W4D01NsnucWOw55Md5amDlW2nedW4TuZmJIO%2FejR9f298%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7c64c8d658ad0190-CDG

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 289ms
288ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/1eNxG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 11 May 2024 18:39:27 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 134 B
339 B 289ms
288ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/1eNxG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 11 May 2024 18:39:27 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 289ms
289ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/1eNxG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 11 May 2024 18:39:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 81ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EruSJUSQu0sKtgcw4XR5C4UqJnaIqHn1BXe4eG1w7qws5hoxSbPm4rsJE/bxzjoz0Ed9YnxnmnHzdOEktkP+Lg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), screen-wake-lock=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame BA9B 104 KB
29 KB 162ms
104ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fb82d91fa40f2076bd6f6ea140fb8a8463963fc769ce2a967ab9533e5a1127b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: wqeFv9ZdZ5irBtBQVF1fdhbOfwVhk9fVzBq1XbdyMP1j/XTROdvsej2Ld8BxtEfTogCnX3BaYTKD6edcS7aHUg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 366ms
294ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 260bf19c10fe727e812abcc7a51c337ccdee3c90ca92ac068293f606ce85017a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1c98-aCyA5h6pM3DurZvrNL+PESC8HWk"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7320

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 May 2023 17:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 12 May 2023 19:05:00 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
902 B 74ms
24ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/config/17229.json?v=1.0.3839

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

5ad2688e01ce6c1fb55c10933b2fb2f58eadb57f741c9c600b87c7a28be1b456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:36:47 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 177
x-cache: Hit from cloudfront
content-length: 461
last-modified: Fri, 12 May 2023 02:20:45 GMT
server: nginx/1.15.2
etag: "645da27d-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: NcD468BV2xA2kWxsPoV9R2cw0VZFrquE0kx6skEb1ro2WSeyC_Lm2w==
expires: Fri, 12 May 2023 21:36:31 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1459ms
288ms XHR
application/json 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.5199856442297324
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:28 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame AAD0 83 KB
22 KB 28ms
26ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/html/ad.html?v=1.0.67

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1024
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 18:22:37 GMT
etag: W/"641a5637-14dfe"
expires: Sun, 11 Jun 2023 18:22:24 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.15.2
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-id: fMLNueDszAjs40eBxlirWwBT2oIi3AYv7SNXCpCsaCcsMsdhBC0hew==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
899 B 355ms
314ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/config/17253.json?v=1.0.3839

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

44fe894b9de783a018880c44e907c76712c95e0f7965849404747b19305b3ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:39:28 GMT
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront
content-length: 461
last-modified: Fri, 12 May 2023 02:20:45 GMT
server: nginx/1.15.2
etag: "645da27d-1cd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: kUDw7NkG9IIro-EsNmv4geRFaXjiYoMgUqKl1-ZGnbPCR2hq1zbsfQ==
expires: Fri, 12 May 2023 21:39:28 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
709 B 1450ms
287ms XHR
application/json 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.1465309980968834
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:29 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://reurl.cc
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame ADCC 83 KB
22 KB 29ms
29ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/html/ad.html?v=1.0.67

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1024
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 18:22:37 GMT
etag: W/"641a5637-14dfe"
expires: Sun, 11 Jun 2023 18:22:24 GMT
last-modified: Wed, 22 Mar 2023 01:13:27 GMT
server: nginx/1.15.2
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-id: CiikVMR2qVq26r20Vtfleg5KbdW3WElyT_KAsNaoGMmqLq_D86k9Gg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 75 KB
21 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f69630ede703f500c5dee83d1cf15469265993951d2397c134da8f60af3cfdf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21388
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: U1EaDqBT21+k6JFVVmCeM4EJKaxkU4H5tPs8Lqt+rk1rrQ6lgyIsvo8O6O3zc5zNlGVr1I2XJ05VJKG9HN2EmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), screen-wake-lock=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 33ms
33ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1275358318&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2F1eNxG8&ul=en-us&de=UTF-8&dt=Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1002850955&gjid=1944008711&cid=1258364742.1683916768&tid=UA-102456694-1&_gid=808430781.1683916768&_r=1&_slc=1&z=1207007150

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 27ms
26ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1275358318&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2F1eNxG8&ul=en-us&de=UTF-8&dt=Accueil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTc4LjMzLjE0NC4xNzc&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1258364742.1683916768&tid=UA-102456694-1&_gid=808430781.1683916768&z=830515761

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 13:07:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AAD0 95 KB
34 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 14:13:00 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame AAD0 236 KB
83 KB 29ms
28ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/prebid.js?v=5.20.0

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:39:28 GMT
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 3
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: JvblNd-YeHoQoOGhMCZx-ZEEBPXTLB1JB2K92PWCuf9l2nt5WpS5ew==
expires: Sun, 11 Jun 2023 18:39:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame ADCC 95 KB
33 KB 115ms
56ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 14:13:00 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame ADCC 236 KB
83 KB 27ms
26ms Script
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/prebid.js?v=5.20.0

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:39:28 GMT
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 3
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: _c8zThyM9dIEJl1DIAVa35CwZ2PEVkiLKuWEtfQqUJW1UCbRVg2WvQ==
expires: Sun, 11 Jun 2023 18:39:24 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 71ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je35a0&_p=1275358318&cid=1258364742.1683916768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683916768&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F1eNxG8&dt=Accueil&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B30YN55-3KR.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/ Frame BA9B 19 KB
5 KB 79ms
26ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7bd306a36a6bd71f0e45a65367f0e48082255d89a849874c440bdf201a2551

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: omNgP7RWlWzODTv1QG2/IA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4906
x-fb-rlafr: 0
x-fb-debug: e3qsotnTNs6ygOvdjnHzC8s9MTw9WcwShDs6nQ2Ybch6QVmMo8MpgVlKmvAb7fayWWWz2g/NkIeHZ7Smrp585A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 00:34:00 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame BA9B 2 KB
1 KB 78ms
25ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: XB37KsUKBjap11Cl2+xcGF+rg7xT7lKZlHBgbMK6OS0lx9WinhQfTv6ExH43wc3OBXWHGWvYZCHvzAZckD7qyQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:08:04 GMT

GET
H2 200 XMHgiwdrM2B.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame BA9B 33 KB
7 KB 79ms
26ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x1EIOauApyTRaW/nXejV3Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6475
x-fb-rlafr: 0
x-fb-debug: VpcLz6X9Cy+CXu2qIKVi1zz2r7t22s2d2+R3KZV8EAxiMpn2Y8ZDB05E5+qMz5v+AQ9VZmljgnFky2FrSgs2Cg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:05:50 GMT

GET
H2 200 sGB6q6J_9J9.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ Frame BA9B 12 KB
3 KB 79ms
26ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/sGB6q6J_9J9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1dec3f8850c7d132a183fa9a451245ee68bed33dab3da5fe1dce2c7c71232ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DI/W7WVjLu127rC2rDKqSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2640
x-fb-rlafr: 0
x-fb-debug: ZhNj1/oA1tU75RFNg/MKgpSEG8j5smyq7Q1m1ywKjPJqc20sBxwCnq74T5t1MGJjaWEiurL8Dra+lOCyMW25Zg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:06:14 GMT

GET
H2 200 sL2I6O8prnM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame BA9B 304 KB
80 KB 101ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4793a27348526aa6ae635c6eaac52c87c51275e4687f45e394ce9266a2bd85d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PLFxzKNw+vKEoW17VICsjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 81541
x-fb-rlafr: 0
x-fb-debug: dqpHfPoZNsZA4cB+i6plZeg8mwuiKjuH96VQHXkwq5xgXH+Yaazz6nZsewZ5+xy/Y4/cWp5NAV156obCT1nBTQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), gyroscope=()
timing-allow-origin: *
expires: Fri, 10 May 2024 19:07:20 GMT

GET
H2 200 95DyhaE30GQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame BA9B 45 KB
14 KB 102ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/95DyhaE30GQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d0ad39da4b97698ffebd5d583a5f8af1198104fc4570fc254d3f5f1c1355376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qf1+6j4NqW73bo5gCEb3jg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14592
x-fb-rlafr: 0
x-fb-debug: fPiHMyZcSTPcJWs6ZS5Y2ZvquyCPRafB2c9A58RKbKQZRUc+j9ow26FLLBaKiIicwhNqWB9Lt1g5eQVYITteuw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

GET
H2 200 V6tXz1psgtp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame BA9B 52 KB
16 KB 102ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/V6tXz1psgtp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5dd117eeb441594968e0e44a98ea21e03e9c5778233b43df994909442d18833

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LgItkwi+WKSrIFIqJkEkmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16478
x-fb-rlafr: 0
x-fb-debug: PU3XdTAQ/xS0xW6h5PorOpCmlUDW+JI7Gf8/x4dCzoZnQVY8HssQ3GdU8qNNVXR78ibjUf9nGRAMhsBztXI1Ag==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

GET
H2 200 Af0eLEnCOvM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame BA9B 52 KB
15 KB 143ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/Af0eLEnCOvM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f6295339ecc001a5aad57f7f19f6f26dbfa9a5fbadb83c8ed02400e1890539b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 42pVa2Qc3wUR3qZAM6pkqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14834
x-fb-rlafr: 0
x-fb-debug: ybeJVRjHcOacHjNYcXHUXR7Lq6I42YJ1dXA2EGsg/lGY8EBcZ66lIsSrPmv5GKQlHHvQSSCfgnYr6/0Ct5YxPw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:28 GMT

GET
H2 200 BIyo8a40O9A.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame BA9B 20 KB
6 KB 144ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/BIyo8a40O9A.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c776eeb886a53d0037dc5e54f5c25c0a467b8b4a5bfaa8d3493280de33f2494a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WZAYiPX0JJ5bmclIYaEF+Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6199
x-fb-rlafr: 0
x-fb-debug: TaoxXon4QL1zy0QYVlF7x/bFpuAn/uUOFqMTH+SAN0KRikbCRuTSFpyilRJWw1AQz/PHgQAiYL92xaJ1v6iM5Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:29 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame BA9B 507 B
488 B 144ms
92ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: U/uizRbnpXM8xf877Qo6cIlov0vifrqRTzkwYVmTH+NyLsygEvCLOyev7OBGJvB/rLPX7vSxgTrHgZIzsM+BGw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 22:26:14 GMT

GET
H2 200 lWhv2XMtXvP.js Show response
static.xx.fbcdn.net/rsrc.php/v3iek84/yz/l/fr_FR/ Frame BA9B 212 KB
60 KB 143ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iek84/yz/l/fr_FR/lWhv2XMtXvP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

224b4341984701b19f02e42d32822b7783707a38b73ed199534d252f5245fd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Rc5riuSyvIqnQoMf1ZxPCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 61586
x-fb-rlafr: 0
x-fb-debug: QK8r0qSUFihhswJpaVVzvonAIL+qL7Bu1y+m8w+2IIp4X6xTiLsYbC80R68si2G8dxfkFGI5hlpDVVBfZn/nsA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:05:36 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame BA9B 5 KB
2 KB 144ms
92ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: koakLGY1v5R2GWTxsSnA3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1615
x-fb-rlafr: 0
x-fb-debug: kXEbDiR6JKVWBV94ADQEknVk9DEfqDsxpUqlkwvl7nfXDz8//u37oTtDoxgBueN+dy3BmBbF4XBfdl7cPwFpLg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 22:21:36 GMT

GET
H2 200 pwiQD2NVju_.js Show response
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yh/l/fr_FR/ Frame BA9B 71 KB
21 KB 101ms
50ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yh/l/fr_FR/pwiQD2NVju_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa57cab032036971a3cd699753f9b38ebe9b80fcba419c8153388e33b941e491

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3qcjmCjfXme03Y2Er6ebvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21318
x-fb-rlafr: 0
x-fb-debug: qyhYhCKjlaWvJn66RBEx7X8iGNDsiEPlSpbv4101WcuHA8Xp/lxz3VMwJ7XoSham/m92HgqrE35yu0gpmuTQog==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:06:57 GMT

GET
H2 200 ZJ4f0NI4dCd.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame BA9B 22 KB
7 KB 142ms
90ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/ZJ4f0NI4dCd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00cf90a75740d2abf95909398ddcae9e15b37f34ab5d3557164bcfc2be9ee600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sZr/U2NfvWiariY1YbDY5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7320
x-fb-rlafr: 0
x-fb-debug: 6S9SjO70y2k4LNx0PdCOm+IwQROPK2dBVrRStl6okgLw2kFg3WmP4wpy3tepavX+O+PRAHOQ8AgIvrSNKCUs8Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 16:11:27 GMT

GET
H2 200 CXq6Vm5Jk4S.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMc64/ye/l/fr_FR/ Frame BA9B 329 KB
78 KB 143ms
92ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMc64/ye/l/fr_FR/CXq6Vm5Jk4S.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e00162dce4a5898ee65feca65f0e7ab6d7cebf605e9b55495cc12d3a572dba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: humrrfYuusPlEViI88Vtmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79168
x-fb-rlafr: 0
x-fb-debug: atg4UG8+IZCrtu5K3C55Jk3VTbE/OpqbLsYWichC4VbyvnxDEA7LsZr78AyJoEiLSsEmb690nTjN6McpZTt8dQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), midi=()
timing-allow-origin: *
expires: Fri, 10 May 2024 21:23:25 GMT

GET
H2 200 gBqjKXQZHG4.js Show response
static.xx.fbcdn.net/rsrc.php/v3icEs4/y-/l/fr_FR/ Frame BA9B 412 KB
97 KB 144ms
93ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3icEs4/y-/l/fr_FR/gBqjKXQZHG4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ce58bc0abc8b73877c4e7a8d30c40a193e10f8ab8ce5eb518e1dfeac525de4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OuSp/uvMEntl372Eh1DT5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 98865
x-fb-rlafr: 0
x-fb-debug: eQmcxsndpxICKk4DxW/ViLvMuweFDH5ZyVY4mkapbcugyu2I+V2Aw2U1IH3IEWdTfMm9QUt32bs/GLo+jt3ODw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 17:06:57 GMT

GET
H2 200 qxNaG7UVE5C.js Show response
static.xx.fbcdn.net/rsrc.php/v3io-a4/ye/l/fr_FR/ Frame BA9B 45 KB
14 KB 144ms
93ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3io-a4/ye/l/fr_FR/qxNaG7UVE5C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2dcaecf27d014836fa96a52d4670749ed931bec7d9a0e28cf51a0d1f5c4fd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /POtbvuqBk3+AeloEOPrbQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14081
x-fb-rlafr: 0
x-fb-debug: V1cT9JJ3AGYMxcJjP4625X8vw5VwRkWsdqeL6rNUOdBtJQb/uXsodKgUy/xCWXn/cbbqgAnFzE+cysZb25JhyQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Sat, 11 May 2024 03:53:48 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame BA9B 2 KB
974 B 142ms
90ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TLChQoDhUYzpJFadDZTs1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 782
x-fb-rlafr: 0
x-fb-debug: mmaE0F8FoMQnT3lGlAG9GfM68W0FMop99201h7E6KM2J1T/W8i6ZqeWoH0sKI5nNj5Wjd0Z2+yqRmVnYoG+iWQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 21:42:34 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame BA9B 55 KB
15 KB 142ms
91ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: ovIUahiSyoTdP+K9s95VlGP1EJWm17LpB6p4j0LbVPrJU9Tj8Cio+014/R23Ry8YNg+cz6MmvRsXOH8Y/yL4IA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 22:19:54 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-cdg4-3.xx.fbcdn.net/v/t39.30808-6/ Frame BA9B 16 KB
17 KB 70ms
21ms Image
image/jpeg 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdg4-3.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=ZFsOLg-f-m8AX9_Ko8l&_nc_ht=scontent-cdg4-3.xx&edm=ADwHzz8EAAAA&oh=00_AfCh_WNpVOM1etlkuO9O7ODSZFQkOfEVLyHN4pj22oUjxQ&oe=6462B045
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-haystack-needlechecksum: 1290236993
date: Fri, 12 May 2023 18:39:28 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-cdg4-1.xx.fbcdn.net/v/t39.30808-1/ Frame BA9B 1 KB
2 KB 72ms
21ms Image
image/jpeg 2a03:2880:f08e:3:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdg4-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=x5NVnY4LqGYAX-qGAot&_nc_ht=scontent-cdg4-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDmiTBzVP58L7loX8lkmULL4-xrMc41ETekjo0IrNXeNQ&oe=64636A15
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f08e:3:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Fri, 12 May 2023 18:39:28 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 72ms
23ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-102456694-1&cid=1258364742.1683916768&jid=1002850955&gjid=1944008711&_gid=808430781.1683916768&_u=IEBAAEAAAAAAACAAI~&z=383638717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RQyeUIzS9eHslBSuZ9/JDzSR0B+Fudl7OyQpHV3HH7H41zL7VNg/Os7SF1YpTfBYQNCwjP7FTlh9EfTtBuMYMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), idle-detection=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 406 KB
125 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 10:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28991
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128048
x-xss-protection: 0
server: cafe
etag: 352811828592807000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 10:36:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 544 B
296 B 115ms
61ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
104 B 24ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2F1eNxG8&rl=&if=false&ts=1683916768507&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=28&fbp=fb.1.1683916768505.1201252114&it=1683916768363&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 18:39:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 133ms
65ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1258364742.1683916768&jid=1002850955&_u=IEBAAEAAAAAAACAAI~&z=229920465

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
408 B 128ms
63ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1258364742.1683916768&jid=1002850955&_u=IEBAAEAAAAAAACAAI~&z=229920465

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame AAD0 107 B
536 B 26ms
24ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/config/currency.json

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

7ff1c799fcf5d2b13dce465899beeb94eb09dfe26eaeb80ba08aca3bf0fbc987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:37:12 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 138
x-cache: Hit from cloudfront
content-length: 107
last-modified: Thu, 11 May 2023 19:15:03 GMT
server: nginx/1.15.2
etag: "645d3eb7-6b"
vary: Accept-Encoding, Origin
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: -_nJSYp4KPz662lftnAVLlcy1gqjpvUJP1o7Jv2irwiA_cdZlAkakw==
expires: Fri, 12 May 2023 21:37:10 GMT

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame AAD0 0
218 B 1005ms
447ms XHR
text/html 13.113.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1683916768541&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.235.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame AAD0 2 KB
2 KB 904ms
305ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.2358137491276593
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 8bdace21591d96e28d3e50f1d2d619ded80e02d5b6f17c5d6c187591f5198508

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 12 May 2023 18:39:29 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame AAD0 0
176 B 417ms
125ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=d7d54a46-605d-4d77-aebb-73aacc68cbd3&u=https%3A%2F%2Freurl.cc%2F1eNxG8&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=43071f2a-e1ae-42d2-9dd4-0b810560de5c&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:28 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame AAD0 0
177 B 774ms
254ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:29 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AAD0 0
216 B 90ms
24ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=86529761572

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 110ms
46ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 98ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 153 KB
28 KB 633ms
632ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2915345233509665&correlator=2842590311171414&eid=31074171%2C31074538%2C31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&adks=81851380%2C827794272%2C3242553145%2C3271617715&sfv=1-0-40&cust_params=url%3D%252F1eNxG8%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1683916768713&lmt=1683916768&dlt=1683916767683&idt=971&adxs=245%2C245%2C625%2C245&adys=511%2C108%2C108%2C364&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2F1eNxG8&frm=20&vis=1&psz=1140x90%7C380x256%7C380x256%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1258364742.1683916768&ga_sid=1683916769&ga_hid=1275358318&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0d8f6dd60f1d780db1417895e3d28a0285fc4c4a7b2215f4b88982dd069a681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28462
x-xss-protection: 0
google-lineitem-id: -1,6297987529,-1,6297899953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138432380646,-1,138432362607
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 457ms
457ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2915345233509665&correlator=2842590311171414&eid=31074171%2C31074538%2C31074558&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&adks=3261691140&sfv=1-0-40&cust_params=url%3D%252F1eNxG8%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1683916768725&lmt=1683916768&dlt=1683916767683&idt=971&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2F1eNxG8&frm=20&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1258364742.1683916768&ga_sid=1683916769&ga_hid=1275358318&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58ed0b854ee1abbf7fd5589cb56700214cad63aea103aa15472bec664a4e5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10561
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEF1 6 KB
3 KB 128ms
34ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:28 GMT
expires: Sat, 11 May 2024 18:39:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wemix_logo_Logo.jpg
mma.prnasia.com/media2/1867226/ 12 KB
12 KB 92ms
36ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1867226/wemix_logo_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee4a3ff29706d334b665b5631d7f3d22de61016097a64c83cb0ecef9da4bd0d5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
cf-cache-status: HIT
age: 12587
x-powered-by: ASP.NET
server-timing: intid;desc=d02adb4f702afa3
content-length: 11867
cf-bgj: h2pri
last-modified: Fri, 12 May 2023 15:09:41 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1
accept-ranges: bytes
cf-ray: 7c64c8dd0c0f017d-CDG
access-control-allow-headers: Content-Type
expires: Fri, 12 May 2023 15:09:42 GMT

GET
H2 200 %E5%8F%B0%E7%81%A3-Pay-%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6%E8%88%87%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2020/10/ 65 KB
65 KB 468ms
405ms Image
image/webp 192.0.78.135
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2020/10/%E5%8F%B0%E7%81%A3-Pay-%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6%E8%88%87%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

92f9f001e9f335dc3ba11338e516af016b641679e9195f7aeb9a753b05ee750a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.cdg _atomic_ams BYPASS
content-length: 66404
x-nc: HIT bur 7
last-modified: Thu, 03 Feb 2022 19:05:55 GMT
server: nginx
etag: "3693184e25b7d797"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 04 Feb 2024 07:05:55 GMT

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 1283ms
581ms Image
image/png 35.185.136.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1683808826-caa5c6615169bba929d0f9e85739ad18-840x525.png
img.gbyhn.com.tw/2023/05/ 661 KB
663 KB 87ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/05/1683808826-caa5c6615169bba929d0f9e85739ad18-840x525.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb7435fb21735b46e2678b269a02d08997954c54ed8bfacd0f8c44b40236e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 677316
last-modified: Thu, 11 May 2023 12:40:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kP7e63e6qB1mVk8NRdFlPv47nO0%2Bt65bk8lFxGxeT1dISBqB0ROAF6tAi4H5U6fS0yqhS3t%2FxzjZ3sxTa7r%2F0udliTE%2Bnu%2Fa6qHQRXRRFwjljY4fIY92Osy%2FjwvSY90Eh2D2%2FlQ%2BEU7sNGFwcAR4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7c64c8dd0fca9987-CDG
expires: Thu, 18 May 2023 12:42:18 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 606ms
550ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=31536000
x-ac: 3.cdg _atomic_ams BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Fri, 19 May 2023 18:39:28 GMT

GET
H2 200 ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 31 KB
31 KB 139ms
45ms Image
image/webp 35.227.194.51
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.194.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.194.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 12 May 2023 18:39:28 GMT
expires: Fri, 10 May 2024 19:36:02 GMT
last-modified: Thu, 30 Mar 2023 16:44:53 GMT
server: nginx
etag: "6425bc85-7a08"
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31240
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 331 KB
331 KB 80ms
22ms Image
image/png 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:17:53 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 1927295
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338711
wix-tracer: 2OgkB2cQkL27lAScuMqWUX6Tz4s
x-seen-by: image-manipulator-54fd5c7947-48d4c

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 487 KB
488 KB 71ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc: HIT cdg 6
date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 09:04:11 GMT
server: nginx
etag: "e36ec6663165a6fd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 498450
expires: Wed, 08 Jan 2025 21:04:11 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame BA9B 573 B
626 B 31ms
30ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: zZMJrl97IK93nu2XkSwBBU8SPXZa+Qa5covv/N29ZvhfDmJgSCoSq4u2E1YtJkcZMhB9AZBYAaz4MkYDazwa8A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 May 2024 03:19:54 GMT

GET
H2 200 _hqc_aMr9C3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame BA9B 257 B
362 B 26ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/_hqc_aMr9C3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0444b1b5042af5960f90af7acf447c51296ab8f2a25dbe19bd06b043a5099f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uv2dV8EM/QGJ13tdAmmrUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 173
x-fb-rlafr: 0
x-fb-debug: syTKtBcdu6Xt86atA45wAh5Dn8SagJ4/rs1DsdUmu/7y/Q5ktSCVr2nyRuFRMdss2u4UbvSpAA0GOh3XYYneyA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 22:23:55 GMT

GET
H2 200 zEkQ-Lr4eYp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame BA9B 10 KB
4 KB 26ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/zEkQ-Lr4eYp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1badd34aa9dc95375d7b705fdb0549bf91bcaf5c788acc6f75d4e56e3b392ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bRN/8K98407hrt/Vn86PAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3516
x-fb-rlafr: 0
x-fb-debug: hQ4WFY3kqtanRs2sPSLxOUgqUcZcOw1orawtVyxBelQwku5pugXk3bQXtmrobjw11D4GxxJNEagHd+/zYK4O/g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 22:13:35 GMT

GET
H2 200 Zj4GuFghQl4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame BA9B 12 KB
4 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dBSAisRg2e2k/EbKxbTt7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3450
x-fb-rlafr: 0
x-fb-debug: A7O9Y9Aw183slyLjqeF0X83FM+HXPFe9oTPRmJgBkJg1Zu1Lfv0ubKE+uG2wcYFfn6MTLoKn2VeqoDA0Do0KAQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Fri, 10 May 2024 04:14:13 GMT

GET
H2 200 kfum9CaiBLN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame BA9B 335 KB
73 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/kfum9CaiBLN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c363d8d02bbcf937db6da67eb083cb6bbbd416255901f974b2c5d59c0e6e1eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kIyFR0uw2Apmc64G7ccJ1Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74074
x-fb-rlafr: 0
x-fb-debug: jr99KQXDvk2rrTiJCTdruTAGwA2DuhOdKyfZMzfPeqe7gz9lC4AFcTKrhaQbYJaWianERPWJQeTrMltWvku7Dg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Wed, 08 May 2024 21:43:48 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame BA9B 840 B
553 B 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: 7IEctsuwKmIDHJI2LzfxwjQnEWEtzkJX2uaETe2gcvAuSMgBMWeDzd3DYJLC+hhKNP1lIIBPwlj5Rh6qoWwFJQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
expires: Thu, 09 May 2024 23:50:57 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame ADCC 107 B
528 B 24ms
22ms XHR
application/json 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/config/currency.json

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

7ff1c799fcf5d2b13dce465899beeb94eb09dfe26eaeb80ba08aca3bf0fbc987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:37:12 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 138
x-cache: Hit from cloudfront
content-length: 107
last-modified: Thu, 11 May 2023 19:15:03 GMT
server: nginx/1.15.2
etag: "645d3eb7-6b"
vary: Accept-Encoding, Origin
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
x-amz-cf-id: QdVU-JNVSmTE4gRR51u1pwx34S6JpnH1GUjt-CRvN5eknvRp-jGUiw==
expires: Fri, 12 May 2023 21:37:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ADCC 0
215 B 27ms
23ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=35638205088

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 May 2023 18:39:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame ADCC 0
219 B 660ms
346ms XHR
text/html 13.113.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1683916768581&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.235.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame ADCC 0
176 B 534ms
255ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:29 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame ADCC 0
176 B 306ms
123ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=d7d54a46-605d-4d77-aebb-73aacc68cbd3&u=https%3A%2F%2Freurl.cc%2F1eNxG8&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=6f9b68f6-33f1-4f5f-9fcb-aed2b02bd134&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 12 May 2023 18:39:29 GMT
access-control-allow-credentials: true
connection: close

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame ADCC 2 KB
2 KB 884ms
297ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5504426888997069
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 2cdc22c65a7844cbcdbb680bc9564ec847ff4979b4f2d317d255fc2f7c9d329f

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 12 May 2023 18:39:28 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame BA9B 907 B
569 B 59ms
59ms XHR
application/x-javascript 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yh/l/fr_FR/pwiQD2NVju_.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3906fa97c5adf05a3cc37ba28a77469d689c1ad4e48424724abe8c3e2a79baa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 1pNOI7xxPeWVz1BoxDOgcb
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: yeAoM1ia7WVMi+B6OBiyJdQhebDCWI7QD24dkB8sd63DrtzKZp5u0FC+Q6B4Q2EzuPwcmbvcVNQGAGaVdtFrjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), midi=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame BA9B 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame BA9B 907 B
555 B 48ms
48ms XHR
application/x-javascript 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yh/l/fr_FR/pwiQD2NVju_.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd0544bff11e121201c062fc6a55c35a56856ddaf573ecd02eb397cc48e5c6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 1pNOI7xxPeWVz1BoxDOgcb
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 198387
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 12 May 2023 18:39:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: kdM8UNytxRFu0yAiBgK7/pC8RL0HvYQqz6ajzuY+lM8123ZsLJRgorlc0UjmwFkmapK9ru534U2T7KQQZSub+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), serial=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame BA9B 12 KB
12 KB 27ms
27ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/XMHgiwdrM2B.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: 9QOngrmZx+664eD2+AR3/MISx8iku217mgdM06vYM7mZw+sN0f8Hu34OS6WmkT9pRKOo7JKUSE7QjPVcN6y37Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 May 2024 20:50:25 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame BA9B 1 KB
1 KB 29ms
29ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: u9UUTFY1PzwF3SV1pgfWzDleAotCZH3dc1KboDDVIggFn6Ltkf53yaW12zPnbAvmw79SQBT9p+d0TU4a9XHV/A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 May 2024 23:10:35 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame BA9B 198 B
256 B 26ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: WpTFNGAqaUjYVuhiadWBxucLOggtip/scALuW6Wd0fez+nLUdvdJM6PZERMXMtgg5NR9UnEsxyHvrnf/E1fNWQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 May 2024 19:23:07 GMT

GET /
www.facebook.com/login/ Frame BA9B 0
0

GET
H3 200 /
www.facebook.com/login/ Frame BA9B 0
0 111ms
111ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/sL2I6O8prnM.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 May 2023 18:39:29 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: jLAC11VUvapgJZDQbupdVa/jOmfMvH0LChoxYrvkx4tJxSQkRcKqR74RBZUldh4jT7fwj7ETxm7d3Lord5BHHg==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 361E 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst95CymrDmmXG0Bt3O_aW14cQgItehchaSXRimluC8tOO0vpK7HsppPnED5NeElPDtRpGai34La-94c23q1YMkdALQWHq4rHc3Hd9Vfc0n6ij1C1clBv75gClQ1GqI0HbMsUuVjCAV0zDKYUqjAtfpUaz_QCNPRmyT8iFYpClzHB_y04TkbPOYryQHed7RlcFWUH9J7lnD8-Lk3M_1enhZapD_QAUtA5tDQcv33zaMkC91B4BnJ_B9nsgLHkZYSxbPbu-Y-Nh6kPVVXrxTUaZ_LKSYuP1FMSXFwTKDmbMHhV_t_AQO_dcCWXfLET-kLKLe6inPJTiR3pGzB-41lq7OKo4g&sai=AMfl-YRwfZzdbTtkwt2-iaFTbeanS-gsKdFl8_I7N_rcKNAjH0tSFA9T2j_bvaJRGAn2KE0Fto31SkL6tKKLPPlboeKKWlwYLATkiTKpfn10veCumPz_l1_z3EEPqRys8wqM2wyjkTO-UgSR2tk3EEoa&sig=Cg0ArKJSzGe67vJ2hJvKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:29 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame 361E 535 B
899 B 93ms
26ms Script
application/javascript 65.9.66.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:34:50 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1944280
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: cqtPBjAJ4Ka22nVMVOHUkYJDdtoxe_MFQKhH-nOo4-znabWRouLO_w==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 361E 169 KB
53 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:29 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
403 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

fa299277b361bb926ed4fc05fcc7515673f288d7baefbc37faee5ce5a43e4146

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 92ms
25ms Script
binary/octet-stream 143.204.89.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:34:50 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1944280
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: _HPu_Lk_PQM-e04zqV0F77q1eDgnnwO7_QWbYlQ05MIESojutRJ4uw==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304262219000/ Frame E3C5 222 KB
61 KB 140ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "ccf36922213b3ec5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame E3C5 15 KB
5 KB 206ms
95ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "4fd619331b8f64df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame E3C5 94 KB
28 KB 207ms
96ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "6451d33588c99856"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame E3C5 5 KB
2 KB 214ms
103ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "83933b769a9f5701"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame E3C5 40 KB
13 KB 215ms
104ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12938
x-xss-protection: 0
server: sffe
etag: "3f9bab308b30f46e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/11031165163331131163/ Frame E3C5 19 KB
20 KB 102ms
37ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11031165163331131163/6592766407814317453

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a79d6f759283d99062dab2ca98ef817e90a076f6d407cb8ed4e8c47be43f88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 01:31:58 GMT
x-content-type-options: nosniff
age: 580051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19749
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 05:17:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 01:31:58 GMT

GET
DATA 200
OK truncated
/ Frame E3C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5e7bb0e889bfc0c49670758735c0a05fe1c395d1b3d8a569ff84ebd7676e28

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E3C5 3 KB
4 KB 100ms
38ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:28:44 GMT
x-content-type-options: nosniff
server: cafe
age: 4245
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 13 May 2023 17:28:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E3C5 344 B
449 B 112ms
50ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 22:24:04 GMT
x-content-type-options: nosniff
server: cafe
age: 72925
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 12 May 2023 22:24:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E3C5 0
0 72ms
71ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP3-_4IdeZOuHMeiTmLAP58C8iAjHqsGmcJTRy9qIEdrZHhABINLMgRpg-wGgAZ7lirMpyAEJqQLTpM-sbWaDPuACAKgDAcgDCqoE6gFP0CZTGKWnKxzMKzxR467ur8ChaotHhv8WL16Rg9hGO9xp2iaAa4DUDO9wwQw3oquGe1uX0TVIE1oXvFZwC87SCGvzl9bY1ZvBNzUEYAzLy071ZL0SqwrwMSIbERC0PZf3OB5PArEosLp0H3YSqM57KwBqBMPCj3nkQRBlQfBxYAAfoNb-l-UrINoMcgECf2uiYakgj-0I3V8r2dHTCtzO6OSMZ9MdzYgapf4639whKnzwywJmQzVMVwKW9rjKxvSa43valQURvEYCBbHITB0yUDknXr0aHBXQSU75GKwxP4VVVDiSvVywKLLABLryn66tBOAEAZIFBAgEGAGSBQQIBRgEoAYugAeenduSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENnKFNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwG4E-QD2BMC0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=jsrBqFmPUXg&uach_m=[UACH]&cid=CAQSTABygQiDNAbgC91pSyeBxaYAo4dUN6QFgfXg1w3QQCc8xLmo_b8mQrZROTcUWR6768knoxBph47XoSA4J4SOs1x9aXmmBip-TgsxIxIYAQ&template_id=484
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17C1 0
0 65ms
65ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnAF0IIFFd17999A_HitWDBMKzICaeQhOVyQkQ19A4P3caWFMDL7j2-tIbU5S_B4O991a33rk5QpfYnLYYm_ucAV1ZeljLI9HWDk_VP7tRte0AJ7i0STWN693tmGx5PA8_ZG2k2DSbEP_zBm0Xbig_gsrsiTuhNuZSNuowQiWDusXk_IXAYjvONqzUHkj3xapIEF3T6s-Ci5rZ0Zjl3iOjmzyV0URfHMR-f3fA9Vw4rdeurZOV_N-zI3iR_ho0sH-Z-W_fx2DNCZy15EmMsuNNcfTvLwA-o28wyZis5OSQ2yZ6_xqttV2l5kXE5dpEkwiiaI1OISaase6lT-61IBZcCJfWjjf9&sai=AMfl-YR-KhW_wN8P76LMYGhFqUuqfxack5nbvUB3vaAz40NamKJ08UdSijmo2zcA5EGjw_r1u4iTx8PvsKpJlbWKOHOwnRq_mQQYX3NgkXWxZ71raa0jzpsc36V20CvsL-YsJSN5SCsSFneUp-LpvZWp&sig=Cg0ArKJSzAYmGFCqmgMUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 17C1 17 KB
18 KB 120ms
34ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ob.gyCU597Y5NXDvo34ZIxNtuayfkMGL
date: Fri, 12 May 2023 18:38:40 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: lJr8YznjzRCY0xD3I9noHN2b52wbQ4lViWMa2s86E4HYBfbIuiC9bw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17C1 169 KB
52 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304262219000/ Frame 7A47 222 KB
60 KB 121ms
56ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "ccf36922213b3ec5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7A47 15 KB
5 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "4fd619331b8f64df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7A47 94 KB
28 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "6451d33588c99856"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7A47 5 KB
2 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "83933b769a9f5701"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7A47 40 KB
13 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12938
x-xss-protection: 0
server: sffe
etag: "3f9bab308b30f46e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A47 3 KB
3 KB 71ms
51ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:28:44 GMT
x-content-type-options: nosniff
server: cafe
age: 4245
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 13 May 2023 17:28:44 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7A47 344 B
402 B 81ms
62ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 22:24:04 GMT
x-content-type-options: nosniff
server: cafe
age: 72925
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 12 May 2023 22:24:04 GMT

GET
DATA 200
OK truncated
/ Frame 7A47 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe5f9124c8f43688997b9be0920c82860c284410f6183f447608e05ed39a3d14

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72E5 0
0 65ms
63ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoMhGYav3hWJAubO7jrknEMLn-aFQOuC68GrDt_IepM2aR7h7y5cBj9K4uKJG0oGNuJn_3KFwuExXv7amlPblwPrv_MutYbvig31igY_Pqa1iicHdsAQE9DxnOhLPpqHwI0CYjq5oIBflBg5Vi2fQrvVWEjmZ1Dl3sxy3RJLSdsFGMqpGEuBe77Xxgdfoh8q6Nd40Cb5Io46lFA6JoUH9o58qjjlgaSxbihS0sv9Fh3Jq4rPYeTe_FUyUdECZC7pXrlZUUoIgh3Hc-ZqayvnSnyulykoTSkh3dmmfdPtYLTYWFW0-s_LAKyonrfRRzsQFl8VfQhX1wVPo_iVxHHvxVmHFqu7uH&sai=AMfl-YSqKFRgSbtlZvgyc_DEPqkKRgyIcoqn_g34ZD2w-es4nNOCdKEQGBx4AoScFJRphEKVcuOkiBtVKLGzcdlfT4PXnZ9eX2zISdX_jtyk8yTmUmHMVweAIHhv1Do9S35MUswDJ4BLyS4Yd8_iR-JZ&sig=Cg0ArKJSzB-I5AnPw6btEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 72E5 17 KB
18 KB 39ms
33ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ob.gyCU597Y5NXDvo34ZIxNtuayfkMGL
date: Fri, 12 May 2023 18:38:40 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: 3VdwQtlPHO01BXey3MbUqxfwxivQdT7ZxRBaficADJBwJSLe8bfiQw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72E5 169 KB
52 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7A47 0
0 72ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcfEG4IdeZO2HMeiTmLAP58C8iAjHqsGmcJTRy9qIEdrZHhABINLMgRpg-wGgAZ7lirMpyAEBqQLTpM-sbWaDPuACAKgDAcgDCqoE8QFP0BideLAb10zmAiEINYOLtWXQ173P0bnAKD8lExdctojKyLFbRQrVqvdJwGOOxHxRRHfuDFvbtW35IwbIrR0ypajRC7_gP3lBiGoKWIYT_YYq3ZSYGlcPotbL_sCBxiyVxBaQ0qXIB20Fseq5lGWawB9Idj-rUbvcB_2pL_TN4SSj5-O_-y7Rtbz2_hBp-nGfgFqwEclY99yypX29WdlfCUTF1-wiQ5IVpPuJ9lsd_SMNg7-fhtJxX63WyFPvkdWuPwmtro38bbR5y0DlF6q_BLGducBUPzu-JSUIC8EMW5atpBU8lq_Xmq1lK5CgBwyhwAS68p-urQTgBAGSBQQIBBgBkgUECAUYBIAHnp3bkgSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDGkCjSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=NYxc9mxMfjw&uach_m=[UACH]&cid=CAQSTABygQiDNAbgC91pSyeBxaYAo4dUN6QFgfXg1w3QQCc8xLmo_b8mQrZROTcUWR6768knoxBph47XoSA4J4SOs1x9aXmmBip-TgsxIxIYAQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 361E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a6cd22aedbd56745488e6a0c6387a92aa7919102ab24f7aeae10dbd6ca123dc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 361E 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwpPKG9vfevMwLxJbYEplt0aCYRSHLxunLY-DnXNlTrM-mm6vopsOBNU9HfjVeFp88QI1dNdWmuaGosaiqooGly-n3x5ue63eDFXf3qpgZjnWyoJBynMAWJfQm1lFn02bwwFzoYCJzmoQL-lggniYkJPgpBYh6HOaC0hcLcTTzrQ7rRNbSKbCxJHFfuaJ3zU6ngH65sS5ociJ8c70eFEcltATeRc_ONgp-51irxPSEWDNpAmrpcD5IojqFktvYQDZfpTT3m1EXlx92DPqreTu3bcEapTwQP4lxJr_dZik9ZadFu9TQfnNeVlyybWeyMOzoth4uyqt8hnQV4xIBW3Q8BYsbVA&sai=AMfl-YTtGd9md5S_qM7bjiioRM0RU_QoVaiINy3K05AZ_YlnW6gJBrb-aZvYG-yIikyAXULT_D8MimlZmzwMoH_Ze1ZxwOFkWUqoRSuxh5OGXkEGzrhmfYH5yatYfNr-dYvJ1qwULqByqvk8FZ-FK_d-&sig=Cg0ArKJSzBKQvzlPKMOcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:29 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 294ms
294ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 193ms
127ms XHR
application/json 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=9950.84024585156&pid=5434&url=https%3A%2F%2Freurl.cc%2F1eNxG8
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 13c6ae2cace8d583fdb484388cdb6d1d00e2c8ad20914b6d4ff4c6d209a80a06

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
content-encoding: gzip
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 5XVWCSbKd-6Ez0j3FBqjj6PTMmOMaiwwDQxxCWYGB8ZMYvIBrR5CTg==

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ Frame 72E5 51 B
261 B 819ms
271ms Fetch
application/json 35.79.93.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=14209&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.79.93.246 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-79-93-246.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ce6009784549f23bc40aad1f3d36249eaea5ec40bda20b7d6fde9d991ec5d3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 2896 7 KB
8 KB 32ms
32ms Document
text/html 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 55
content-length: 7381
content-type: text/html
date: Fri, 12 May 2023 18:38:35 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 12 May 2023 12:41:50 GMT
server: AmazonS3
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-id: JlIIj3x3VgKmjz0ZdN2zx-TtfGENVM-YvPkWFML9klB6kBteXPMkMQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: g0kJBd1d_6cwYERnWXoezO5Gp4kZNFd5
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 72E5 662 B
1 KB 32ms
32ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: He2DoP0Ha8zOttRAwAGr.7jLYX29y3Yi
date: Fri, 12 May 2023 18:38:41 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 48
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: kr_lgL1ApvkVTlKGPZQI08K6wFTtIrivDCyw6ZZZqeNFBK0rtYiNoA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 1CD0 15 KB
16 KB 30ms
30ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 2jfS5niCqaEjgvqNpSrOn8SIzVSO.B71
date: Fri, 12 May 2023 18:39:12 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 17
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: kwRW6agbKwRRsaZqds9xeJxuVuCwNY7q8jsFupsINOVkbIlLYbFSKQ==

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ Frame 17C1 51 B
260 B 802ms
273ms Fetch
application/json 35.79.93.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13856&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.79.93.246 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-79-93-246.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 8FB4 7 KB
8 KB 28ms
27ms Document
text/html 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 55
content-length: 7381
content-type: text/html
date: Fri, 12 May 2023 18:38:35 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 12 May 2023 12:41:50 GMT
server: AmazonS3
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-id: i6Nd5FSmsyi6uX6Z45a9BKMbOH-tRIaTZY_UOSvSlDFMPEmiUKm9sw==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: g0kJBd1d_6cwYERnWXoezO5Gp4kZNFd5
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 17C1 662 B
1 KB 31ms
30ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: He2DoP0Ha8zOttRAwAGr.7jLYX29y3Yi
date: Fri, 12 May 2023 18:38:41 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 48
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 3Gl-D739d8a_hODNv_pGfB70loYnnvegU67qNzxzfyOeTLE2c-g_8g==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 80FF 15 KB
16 KB 31ms
31ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 2jfS5niCqaEjgvqNpSrOn8SIzVSO.B71
date: Fri, 12 May 2023 18:39:12 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 17
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: NroLlu1l45vD7VO0AEuU4rg4LgnMAggjBoBbYVDao8nJeyMTM4UKvw==

GET
DATA 200
OK truncated
/ Frame 17C1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f291a1b521c7dcb68cdcccd779552796eb231f04beb3341115f65dd3e41f8f57

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 72E5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e927a36fd3ed96e5651c982cb686a5a63221228336be12442a1149bbea3e93b6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 85B3
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

24ms
24ms

Script
application/javascript

13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/rec.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:38:10 GMT
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 81
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: 4JhS-F81-gVbGLkxdhWBcdoOgbvhRXBQMFbmQ_FpakvLDEoZlzEdvw==
expires: Fri, 12 May 2023 21:38:10 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Fri, 12 May 2023 18:39:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame AAD0 2 KB
2 KB 1436ms
287ms XHR
application/javascript 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.9470761463733459
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bc344e2de5408abbf807cbe3ac1d6748df67fa270e4f679e1e16376b049bfcfa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1475

GET
DATA 200
OK truncated
/ Frame AAD0 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 40C2 0
217 B 844ms
267ms Document
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame B56D 39 B
191 B 3160ms
3107ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:32 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2896 5 KB
3 KB 295ms
293ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:29 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 2896
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

135ms
134ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 12 May 2023 18:39:29 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 2896 0
217 B 841ms
266ms Image
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 8FB4
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

130ms
130ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 12 May 2023 18:39:29 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 8FB4 0
218 B 830ms
262ms Image
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame B338 0
217 B 831ms
267ms Document
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 8A15 39 B
97 B 6122ms
6080ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:35 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8FB4 5 KB
3 KB 294ms
292ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:29 GMT

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 0B52
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

23ms
23ms

Script
application/javascript

13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/js/rec.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
date: Fri, 12 May 2023 18:38:10 GMT
last-modified: Tue, 27 Dec 2022 03:54:11 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 81
etag: W/"63aa6c63-54dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=10800
x-amz-cf-id: huJQnJfVmUpquYO3zrhiz4pDsZwWhjRFjeUUF3mjOliivpiVW_NrRA==
expires: Fri, 12 May 2023 21:38:10 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Fri, 12 May 2023 18:39:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame ADCC 2 KB
2 KB 1434ms
288ms XHR
application/javascript 203.69.60.97
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.325460718827963
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-97.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 564d0cec8fcd3d283892d8df0b7c42eb20bc51bf9051967ba6255899491df633

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: application/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1476

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7A47
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

45ms
39ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date: Fri, 12 May 2023 18:39:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 295ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/ 0
79 B 663ms
291ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/pixel?bd=6c999d49-58b7-4970-b6a9-84a6f472bb3e&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
DATA 200
OK truncated
/ Frame ADCC 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 1CD0 7 KB
1 KB 126ms
29ms Script
text/html 2600:9000:2250:b800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:31:51 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 458
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: e399RTMV0iPy08jxMivKmF380vJC_AnlfC1X25RgPhq-vq3L60Kn7Q==

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.802/ 466 KB
139 KB 97ms
29ms Script
application/javascript 13.32.99.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:43:27 GMT
content-encoding: gzip
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1907763
etag: W/"bc1129a1d65d16ce761ff5637cdc8f53"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ttIffacY4t5NDdzZCcu4xjoqrc3w6AIoQ7Y4CstTsmjM6sQqWd-qkw==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 80FF 634 B
639 B 120ms
30ms Script
text/html 2600:9000:2250:b800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:36:48 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 160
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: wQxuajSxQ0pOmiI-fPbRHnxapEYzIH8WnhvHeojpLqkZ-YLAE3UOng==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 1CD0 2 KB
1 KB 454ms
453ms Script
text/html 13.113.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=707&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.235.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c9aaf4004039d5ff52eb1349fe0caad024453df1de1fb739611732659af1fe99

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 1CD0 6 KB
7 KB 29ms
28ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: YmcQm9NZcUCbyDpn5EKebTYjJUisXdJ6
date: Fri, 12 May 2023 18:39:29 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 9
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: BZOcu97rJvdJPivr0BUK8Ca0a8OOAoDLIY3ea9NhpMoafHankNSxlQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 80FF 2 KB
966 B 378ms
378ms Script
text/html 13.113.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=595&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.235.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fda868c63d69eb6fa8e6bae75a033cbf2958f5f23d6c4d8e85d9aba612b39292

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 48 B
713 B 487ms
125ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=FR&l4=desktop&l5=5.802&cb=0.9624558700401977
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 May 2023 18:39:30 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 48

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1CD0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

2 B
20 B

305ms
303ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8FB4 36 B
409 B 295ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc6ea806465fdf1a48a1a18d760c4c1c34b7679044d3a3a93d7a84c8a93648fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2896 36 B
409 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc6ea806465fdf1a48a1a18d760c4c1c34b7679044d3a3a93d7a84c8a93648fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1CD0 5 KB
3 KB 292ms
292ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:30 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 80FF 5 KB
3 KB 292ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:30 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame AAD0 87 KB
28 KB 89ms
41ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 18:39:30 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D87F 15 KB
6 KB 65ms
22ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 363831
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame AAD0 87 KB
28 KB 78ms
38ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 18:39:30 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 80FF 10 KB
11 KB 28ms
27ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=595&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: p9KFUDDWRO3BYYYEMVPNj1hfUD1eD.B0
date: Fri, 12 May 2023 18:38:47 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 44
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Mu6pV0WNdEgXFu3S1iRi4rWvWPKCrFSC12-dBB0vfwNocssHZfGJAg==

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 8FB4 30 B
278 B 294ms
294ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/ Frame D87F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Hk4X3HxxSU5LSzFxREJCQ2RrbkVrREV4cndId2svR1V5WE5UMlFmOHpXQXJIN09WZnNvUU9PclBjRjdNUC95YVR5MUlWVkNnemxlRzBpY3ZLSzNZUUlXdHk5QWtFSVM1QU9TQjZyVllHTTNuNkNGVVAxelhhRy9EUkNqbH...

452 B
661 B

89ms
23ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Hk4X3HxxSU5LSzFxREJCQ2RrbkVrREV4cndId2svR1V5WE5UMlFmOHpXQXJIN09WZnNvUU9PclBjRjdNUC95YVR5MUlWVkNnemxlRzBpY3ZLSzNZUUlXdHk5QWtFSVM1QU9TQjZyVllHTTNuNkNGVVAxelhhRy9EUkNqbHUrT09oNEFZbk1KcWozMXpJdVk5TnlFS011bW8xWXRWaDhOcWhJR1RzS252eXozZGhQYkdLb29LRXcxcUh4WGNRa1lFcGFxeFh2SUF5cDRJdkRMb2E3UHl3N0Nxa3VmNDNyMjg2djhocUFybUw1aGhUU3JLNEFmeng1Z3BUYVJib3B3M1JNU0RzWVU3YkZtZlpoOE1sWVFJZmZ3R3ZWcHB1RU5sd3hDeHMwbXNGWXNpKzVpbz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4420cb2de37c9758c356de714a235385d18759cfea20e97ac6668d2a045edd80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1548917
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Hk4X3HxxSU5LSzFxREJCQ2RrbkVrREV4cndId2svR1V5WE5UMlFmOHpXQXJIN09WZnNvUU9PclBjRjdNUC95YVR5MUlWVkNnemxlRzBpY3ZLSzNZUUlXdHk5QWtFSVM1QU9TQjZyVllHTTNuNkNGVVAxelhhRy9EUkNqbHUrT09oNEFZbk1KcWozMXpJdVk5TnlFS011bW8xWXRWaDhOcWhJR1RzS252eXozZGhQYkdLb29LRXcxcUh4WGNRa1lFcGFxeFh2SUF5cDRJdkRMb2E3UHl3N0Nxa3VmNDNyMjg2djhocUFybUw1aGhUU3JLNEFmeng1Z3BUYVJib3B3M1JNU0RzWVU3YkZtZlpoOE1sWVFJZmZ3R3ZWcHB1RU5sd3hDeHMwbXNGWXNpKzVpbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 375813
content-length: 0
expires: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 1CD0 10 KB
11 KB 27ms
26ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=707&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: p9KFUDDWRO3BYYYEMVPNj1hfUD1eD.B0
date: Fri, 12 May 2023 18:38:47 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 44
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: BQupcYdAMk2h7KuyEoeJREM6NJTzBKUL3iN3KixieDZgT-k9v9yMkg==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame ADCC 87 KB
28 KB 30ms
30ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 18:39:30 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1CD0 36 B
402 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc6ea806465fdf1a48a1a18d760c4c1c34b7679044d3a3a93d7a84c8a93648fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5FE7 15 KB
6 KB 26ms
26ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1207542
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 121ms
45ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122883
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:30 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 285ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=5+wZ9R1jSZC/TTrY6bBrnq5s6iSvtNo3YL0uza8ZN6nIJRcJlzwC37Fx3f92QAWRjwPmMmngOyS8YU8FukIpOWfT2HLb6j+dGAmd18OzMXAHwixVGIoyJWQwH3YsbTwrJyS0fEaLMeh8czxzo5lL41bn9XM+/VORXB9M21eOndNKcBY6Uo6T4BNTj8IYFtN+WYsvf7W6cv3tL3B/sy9SqJGcl5hmCU1YGczrwRmR9YcXo3ai+3QBHROz42yuptv/
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.6.2

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5FE7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=hGAW3XxRRzV5SXBtQU8vc0VsNnZqVE9TTlc2YkhiVkk2RjNwZ1FqUXhGWFVhblZoS3JDdjN2aXI5WkphUlU1RXc4dFFyL25RdElvOE1PQ0FyVGhmSDV3QktPUGJUVUV3Ym9KWUNmbExBV0lzQ0NRUFJRMWZqbXprVGxka3...

430 B
650 B

24ms
24ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hGAW3XxRRzV5SXBtQU8vc0VsNnZqVE9TTlc2YkhiVkk2RjNwZ1FqUXhGWFVhblZoS3JDdjN2aXI5WkphUlU1RXc4dFFyL25RdElvOE1PQ0FyVGhmSDV3QktPUGJUVUV3Ym9KWUNmbExBV0lzQ0NRUFJRMWZqbXprVGxka3UzYW1CZ2NTOUM0L3llRG9NdC9IQTZxNmpHZFhpVGs2Qi9tTW9VUHlaRU9icVU2RWc2bWZZU2VZSVpsaFdiZ3dMOUppYU5qRlhHUnpEMUF0cytrc3JCV3pmQ1RxUU1UQTNrKzlBT2VTSC9ybkpLcHlXLzl0WFkxNTR1YXZoTGNweWJpaSszQk5sc3hjdS94aDhyeDZyb0t2YzdQZ0NoMGoxT25aaXNFMTRGRm1QWVplczJmQT18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

33727cd7b09ccc39017b45fe0fae4921e6f7c5669aa8c544fcc60aba874cb77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1025862
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hGAW3XxRRzV5SXBtQU8vc0VsNnZqVE9TTlc2YkhiVkk2RjNwZ1FqUXhGWFVhblZoS3JDdjN2aXI5WkphUlU1RXc4dFFyL25RdElvOE1PQ0FyVGhmSDV3QktPUGJUVUV3Ym9KWUNmbExBV0lzQ0NRUFJRMWZqbXprVGxka3UzYW1CZ2NTOUM0L3llRG9NdC9IQTZxNmpHZFhpVGs2Qi9tTW9VUHlaRU9icVU2RWc2bWZZU2VZSVpsaFdiZ3dMOUppYU5qRlhHUnpEMUF0cytrc3JCV3pmQ1RxUU1UQTNrKzlBT2VTSC9ybkpLcHlXLzl0WFkxNTR1YXZoTGNweWJpaSszQk5sc3hjdS94aDhyeDZyb0t2YzdQZ0NoMGoxT25aaXNFMTRGRm1QWVplczJmQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 311563
content-length: 0
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 361E 42 B
404 B 192ms
131ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxWuDAvKNtYn4yCkE9c5kEuiGOB0B3OpklilMo6beFQTavVRxta6nvnQfdFTPpkfHkPzYaprcWgT2U-h0ud0UbSdAThmw7IaFR6ZCxd3gtrFBFil_F&sig=Cg0ArKJSzFV4piTGiYG7EAE&id=lidar2&mcvt=1008&p=1181,1599,1182,1600&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683916769198&rpt=342&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AC1B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

129ms
49ms

Document
text/html

23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 May 2023 18:39:30 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 12 May 2023 18:39:30 GMT
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server: AkamaiGHost

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bridge3.572.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C346 707 KB
226 KB 27ms
26ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 85156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231061
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 11 May 2023 19:00:14 GMT
expires: Fri, 10 May 2024 19:00:14 GMT
last-modified: Thu, 04 May 2023 18:03:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 18:39:30 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.802/ 166 KB
12 KB 140ms
139ms XHR
text/xml 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.802/v.php?st=GBCar6mZVsgr55zrEeDLrQ&e=1684003169&ver=5.802&adid=29e9a&videoUrl=//vid1250.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Freurl.cc%252F1eNxG8&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=reurl.cc&wid=7942&suid=1250&env_browser=Chrome%20113.0.5672
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 29e3c9f8912162548ee7aa860f6fbb84c0f890858c997b69e63d78ccc61b8d9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: SU5MbvbIV79b_PZ9YMQChfrCqI5P_GTmSkyWFZbMjxj9GdnunD95ew==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=xbxXW9JJxaQSR19NsFN7HK5s6iSvtNo3YL0uza8ZN6nIJRcJlzwC37Fx3f92QAWRjwPmMmngOyS8YU8FukIpOWfT2HLb6j+dGAmd18OzMXB/TD8y9gjmIC5absRZnXQGLdIRVtQxZIFJxbruvZzn9FXyD8OO3hZOZk4dlFcVgmvXW+4dYz+Bee3wHhKVwILx1FpqpSn2Wqx7hL+Y++IZQC1z5xphU72+P1DbmUOWdwCGA3FebT0Zrb3n3kkGimur&cb=29505599
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFUUq1oS0kin+UNSo2YreaoFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdF62l+ELS0PzgO9kxrQrRht39DXoHcBRD5H/hdgcKiDwM2ZCua1Zl8BebX7mVYKVbgdSdEkWot+bD41+inQdqzzNn58VS1TkNpow1KO3qs/6lIh02LwacMuQ5if5E2FWvGikhlKkjTlRWklHJjhG1A=&cb=92211078
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.6.2

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
165 B 39ms
38ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFUUq1oS0kin+UNSo2YreaoFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdF62l+ELS0PzgO9kxrQrRht39DXoHcBRD5H/hdgcKiDsLIVIFKtBeoKjLL/Bzxmh3N/Ft7WYz/LeYjPfhNVGzPzNn58VS1TkNpow1KO3qs/6lIh02LwacMuQ5if5E2FWvGikhlKkjTlRWklHJjhG1A=&cb=87694654
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
server: nginx/1.6.2

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E3C5 42 B
64 B 187ms
134ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV8RTgLIRdVcoZCQRHZUS5AEzbZ3k2l_j5PRxY2CCgHQYrdXDFq7rkrtnewKr58fuuKksH81la3AxUqW7kdY3tD-FzJJyodjpBV-oZiQtZTBuqd270xgd8AA0usdUm8q6e5xE2Rw&sai=AMfl-YRarRW772XP0jZVTx5JlQyanYrmNMP9DbmhoYRQL5K1r8xYlbEV5W_YgTCaoyTM8bp60BgYAtSscKizMceTrTUXd3mquus_puc_GLsBjDxWh3khgtdvSwTWm9-7ApE9zJorYuq8-VA84Q7GJg&sig=Cg0ArKJSzNBb0vb66a2LEAE&cid=CAQSTABygQiDNAbgC91pSyeBxaYAo4dUN6QFgfXg1w3QQCc8xLmo_b8mQrZROTcUWR6768knoxBph47XoSA4J4SOs1x9aXmmBip-TgsxIxIYAQ&id=ampim&o=315,511&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1031&mtos=0,0,1031,1031,1031&tos=0,0,1031,0,0&tfs=513&tls=1544&g=100&h=100&tt=1544&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7A47 42 B
64 B 185ms
133ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwE6i7HpvmdKYaXQidk7RdM2yTywUGSPbe4B97s5RUPbbXqBubSur9W4JEO4P89oxtLBjMd53BcCT80f9G7g8yqx0T-M_LjyFLTrotDTvpwa41anoNNWGIs-_pwDRRKq6BDdTrTg&sai=AMfl-YTleJKndu4qVEV4sOXuNSekz1Nte0NvOssSGqK4fQB7u-MuplICWWHoH93CCRpwfT0irJYOJQt3IrIn4keVy2l51ZZi0KpXLyONPKV-MLKeGxYJCtNhTB1Dtej43-yy_TmRPej1GlM3cyFoLA&sig=Cg0ArKJSzJQx52LlAxiyEAE&cid=CAQSTABygQiDNAbgC91pSyeBxaYAo4dUN6QFgfXg1w3QQCc8xLmo_b8mQrZROTcUWR6768knoxBph47XoSA4J4SOs1x9aXmmBip-TgsxIxIYAQ&id=ampim&o=650,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1034&mtos=0,0,1034,1034,1034&tos=0,0,1034,0,0&tfs=473&tls=1507&g=100&h=100&tt=1507&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
385 B 316ms
285ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVBTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916770952&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 58C6 17 KB
18 KB 28ms
27ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ob.gyCU597Y5NXDvo34ZIxNtuayfkMGL
date: Fri, 12 May 2023 18:38:40 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 51
x-amz-server-side-encryption: AES256
etag: "6c37b2eb5706a6225b62a75a80493f4a"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17750
x-amz-cf-id: A6h4jMoXp1h873W4F9upPa5hMzhfUlurc-GOqYLhEkpPCg3sPMiY0A==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AC1B 34 KB
10 KB 27ms
27ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 11:59:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62452
Connection: keep-alive
Content-Length: 10021
Expires: Sat, 13 May 2023 12:00:23 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 1CD0 0
187 B 300ms
298ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&mp=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/ Frame 1CD0 0
79 B 299ms
297ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/pixel?bd=6c999d49-58b7-4970-b6a9-84a6f472bb3e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 pixel
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/ Frame 80FF 0
79 B 298ms
297ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/pixel?bd=6c999d49-58b7-4970-b6a9-84a6f472bb3e&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 80FF 0
187 B 298ms
298ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&mp=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 create Show response
referer-log.holmesmind.com/api/v1/kinesis/ Frame 58C6 51 B
260 B 276ms
275ms Fetch
application/json 35.79.93.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13857&domain=reurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.79.93.246 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-79-93-246.ap-northeast-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame D499 7 KB
8 KB 28ms
27ms Document
text/html 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 57
content-length: 7381
content-type: text/html
date: Fri, 12 May 2023 18:38:35 GMT
etag: "7043648f76be8783efb738bc06c56fa0"
last-modified: Fri, 12 May 2023 12:41:50 GMT
server: AmazonS3
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-id: f_ACPWCeRXJ_x0k3253y4j5NR4ubB4lhZmnWYtrEH6Fk7_8I3c247A==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: g0kJBd1d_6cwYERnWXoezO5Gp4kZNFd5
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 58C6 662 B
1 KB 27ms
26ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: He2DoP0Ha8zOttRAwAGr.7jLYX29y3Yi
date: Fri, 12 May 2023 18:38:41 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 50
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: HOu_lNh1rXktD0N58GXMI-hzfAlPoByExuKf23D9fxgDI4oP-TZrxw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame C7AF 15 KB
16 KB 28ms
27ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 2jfS5niCqaEjgvqNpSrOn8SIzVSO.B71
date: Fri, 12 May 2023 18:39:12 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: rsQK-E0CK_--qVlp8bSQKYz7Qo0RKKundCivRzBIycmjKPt-JIlxBg==

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AC1B 284 B
536 B 125ms
25ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EB8F 74 KB
25 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8147d9b52e7fd16d9527f6d94a3706ec4ec9dc76800703cdbdf365b230963a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25241
x-xss-protection: 0
server: cafe
etag: 551 / 19489 / m202305090101 / config-hash: 17614658845055861683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:31 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame B022 0
217 B 267ms
263ms Document
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 21CF 95 B
243 B 6111ms
6108ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Fri, 12 May 2023 18:39:37 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D499 5 KB
3 KB 295ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:31 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame D499 0
217 B 269ms
264ms Image
text/html 35.73.17.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.73.17.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-73-17-156.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame D499 0
15 B 1185ms
1181ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame D499
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined&google_error=15

0
479 B

346ms
267ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined&google_error=15
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
x-guploader-uploadid: ADPycdvQ6SiHSjgYxeV2rIoDaKVeZ9s-8PztQ-R9MEsIi0Ns29_VgG-MeRKkNh3LOFJeH7C2-U6qZuO3hBkyasvFdjPLcEI50lNq
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 12 May 2023 19:39:31 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&uu_m=undefined&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame C7AF 1 KB
789 B 28ms
27ms Script
text/html 2600:9000:2250:b800:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:36:50 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 161
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: YBWRVJvwepkRjVgXSyjXirBKJ6Tg5U-wqkjBbO9MMMeLVQ75Ga7R8A==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame C7AF 2 KB
1 KB 481ms
478ms Script
text/html 13.113.235.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=809&o=1&fc=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.235.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-235-121.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e9deabf9bce626df13b63392483730a9a288b4e9ad831c3ae4bc9067b01c139a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame C7AF 3 KB
3 KB 33ms
30ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: jZWRMF6DfgGAEuxV7OiKa5zXilO4_9M3
date: Fri, 12 May 2023 18:38:55 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 37
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 0uEwaTz2piPDWhj5uJWkNVQBookF1tQlhdNUnwQLV7k_LepAJlrXGQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame C7AF 121 KB
40 KB 31ms
28ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-1e357"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 May 2023 18:39:31 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame C7AF 2 KB
3 KB 32ms
30ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: LGS_Q5gC0tPurvaHKUi6xVDk9WhcKf0f
date: Fri, 12 May 2023 18:38:55 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:40:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 36
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: njP5zAbW282gDIG_qJrbs5JrfxgsyXfRCU8zSPID2wshVeha8MD9Ng==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame C7AF 4 KB
5 KB 32ms
31ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: u_HCojVE_YP5dbedhtJquNNFnU4zU8nR
date: Fri, 12 May 2023 18:39:06 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 28
x-amz-server-side-encryption: AES256
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: YqOesWxDVSSaj4rafvgoXHgcl5GSVlavmD3lCHCgF0Ak-7s-axhlag==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame C7AF 3 KB
3 KB 33ms
31ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: dhrqT1KgsnAlPqpr4boqwV8YobiVv2d1
date: Fri, 12 May 2023 18:39:27 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: fHMvyf2BPXG8SFd8701eW-WVJKsPCfmMrVv0Xwe47p3noH2ryO0GcA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame C7AF 6 KB
7 KB 30ms
28ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: YmcQm9NZcUCbyDpn5EKebTYjJUisXdJ6
date: Fri, 12 May 2023 18:39:29 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: hDIkCi5aJZy2aNoYL6q6RB4KNM5sdSQ-op3BchIW-GqaPlTMOn42_g==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 85B3 93 KB
93 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:02 GMT
x-content-type-options: nosniff
age: 4709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 17:21:02 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 6E8C 1 KB
1 KB 27ms
25ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/html/ls.html

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3044
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 17:48:47 GMT
etag: W/"583295c9-4dc"
expires: Fri, 19 May 2023 17:48:47 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.15.2
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-id: OvEosZjUIVSUBqISf0mV6cL1d2D8YzVen-Z6o7-ycXUCTpa1y1bCNg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame BEAA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0hBMjAyMzA1MTMwMjM5MzA3ODQ3OTA%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15

0
209 B

290ms
289ms

Script
text/javascript

203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Cache-Control: private
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 0
Content-Type: text/javascript

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1E46
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

43ms
42ms

Document
text/html

23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 May 2023 18:39:31 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 12 May 2023 18:39:31 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame BEAA 0
15 B 28ms
27ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1683916771128&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 18:39:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame BEAA 35 B
413 B 372ms
91ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CHA20230513023930784790
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:31 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame C7AF
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

2 B
20 B

300ms
300ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame C7AF 0
170 B 260ms
253ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 12 May 2023 18:39:31 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame C7AF 2 KB
2 KB 300ms
298ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.14286469476692254
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 12bfdb0fa8e9c1df655e569fb27015d8e5cd3ff493ab191c47c5a552d621cc82

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Fri, 12 May 2023 18:39:30 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame C7AF
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

2 B
20 B

299ms
299ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame C7AF
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA

2 B
20 B

297ms
297ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=CF20NzyMC5CDdyQA44deZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C7AF 2 B
289 B 24ms
24ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=60866821836

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 0B52 93 KB
93 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:21:02 GMT
x-content-type-options: nosniff
age: 4709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 17:21:02 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 97C7 1 KB
1 KB 25ms
25ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/html/ls.html?mid=52

Requested by

Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 166
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 18:36:49 GMT
etag: W/"583295c9-4dc"
expires: Fri, 19 May 2023 18:36:45 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.15.2
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-id: T2Fvm6okFiWcASzzxDWFnQfCarVG1QEuKS9q4oIB2M0AOaQb_XI_vg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 85B3 3 KB
2 KB 290ms
289ms XHR
text/javascript 203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.447023805863318
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 984234e80c878bba750a5458e564e2851c83c88bc84c0e7d26d423037fda7a2d

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1744

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame EB8F 402 KB
124 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3854
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 17:35:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame EB8F 544 B
296 B 62ms
61ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:31 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame C7AF 0
209 B 24ms
20ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 May 2023 18:39:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1E46 34 KB
10 KB 42ms
41ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 11:59:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62452
Connection: keep-alive
Content-Length: 10021
Expires: Sat, 13 May 2023 12:00:23 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 5443 1 KB
1 KB 23ms
22ms Document
text/html 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/html/ls.html

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3044
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 12 May 2023 17:48:47 GMT
etag: W/"583295c9-4dc"
expires: Fri, 19 May 2023 17:48:47 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.15.2
strict-transport-security: max-age=31536000
vary: Origin
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-id: vVBBfaHmfsoiopnbKOda9_KcBtGkYm2xfR2WVADjpijvTTuTJDaPdg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame E90B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0RBMjAyMzA1MTMwMjM5MzE2MjQxNjE%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15

0
209 B

465ms
289ms

Script
text/javascript

203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Cache-Control: private
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 0
Content-Type: text/javascript

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C48A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

27ms
26ms

Document
text/html

23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 May 2023 18:39:31 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 12 May 2023 18:39:31 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame E90B 0
15 B 24ms
24ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 May 2023 18:39:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame E90B 35 B
413 B 382ms
98ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CDA20230513023931624161
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:31 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 0B52 11 KB
3 KB 294ms
294ms XHR
text/javascript 203.69.60.96
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.17056026177427186
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-69-60-96.hinet-ip.hinet.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc71dd0711e1e34c13aee1a80f75405469eafd22740d6002704612aba7c0bf6b

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 12 May 2023 18:39:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 3080

POST
H2 204 csi
csi.gstatic.com/ Frame C346 0
225 B 318ms
101ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhkwkg13&c=286247961035&slotId=143123980517.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1E46 284 B
536 B 26ms
25ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 94ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QCZBoJPBtUDc6CYv0fqC3cEFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtYSHfJrhn+7EaKpeUhhgjG8FpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKOapKaKR2wAVfMUjVZ1EzAxiEssKvzQSRgW99IdNG5fYK6Eew8RzbYbRznr+pgcvpg=&cb=69117951
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
37ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QCZBoJPBtUDc6CYv0fqC3cEFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtYSHfJrhn+7EaKpeUhhgjG8FpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLyapKaKR2wAVfMUjVZ1EzAxiEssKvzQSRgW99IdNG5fYK6Eew8RzbYbRznr+pgcvpg=&cb=65959521
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame C7AF 5 KB
3 KB 292ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 12 May 2023 18:49:31 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C48A 34 KB
10 KB 29ms
29ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 11:59:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62452
Connection: keep-alive
Content-Length: 10021
Expires: Sat, 13 May 2023 12:00:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ Frame EB8F 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EB8F 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EB8F 54 KB
13 KB 345ms
345ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1950118780903752&correlator=698547060165016&eid=31074171%2C31074475%2C31074544%2C31074604&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&abxe=1&dt=1683916771362&lmt=1683916771&dlt=1683916771046&idt=282&adxs=800&adys=384&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=hvthjhd7ddf1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2F1eNxG8&ref=https%3A%2F%2Freurl.cc%2F1eNxG8&top=https%3A%2F%2Freurl.cc%2F1eNxG8&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1258364742.1683916768&ga_sid=1683916771&ga_hid=1346668004&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8c9b3a47d4d01d1f563d6e894ae1c04eb0e7a9e3d5c2ea2bd6c5821643f53ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12925
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EB8F 15 KB
11 KB 86ms
85ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75e8698416aa97f5ab1ae138d244f481311cf60eb4bda64c511edb834eb6fb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11249
x-xss-protection: 0

GET
H2 200 container.html Show response
7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 21A0 6 KB
3 KB 49ms
34ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:31 GMT
expires: Sat, 11 May 2024 18:39:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 195ms
194ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGATRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916771392&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C48A 284 B
536 B 26ms
25ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame D499 36 B
409 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc6ea806465fdf1a48a1a18d760c4c1c34b7679044d3a3a93d7a84c8a93648fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EB8F 17 KB
7 KB 368ms
368ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 18:39:31 GMT

GET
H2 200 adimg.js Show response
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 85B3 4 KB
2 KB 24ms
24ms XHR
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/adimg.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 07:30:55 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Tue, 09 May 2023 07:26:44 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 299316
etag: W/"6459f5b4-1128"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: GtYRJOy5ElCrglWLLcYad3zIKyw2OvXtCh8nwUP2NpxMFy7OwkFmyA==
expires: Wed, 08 May 2024 07:30:55 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 85B3 1 KB
1 KB 25ms
24ms XHR
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/CoverImage.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 07:30:07 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Tue, 09 May 2023 07:26:44 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 299364
etag: W/"6459f5b4-514"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 4rQDMlCrXHpnV48He3_17BX60vYJwGFJ5cFTwdeIAT3WfhvzrpwiaA==
expires: Wed, 08 May 2024 07:30:07 GMT

GET
H2 200 4ce7464e-044a-40c9-805b-f546f30e30da.jpg
img.scupio.com/dsp/ad-image/1015/4/ Frame 85B3 137 KB
138 KB 25ms
25ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/dsp/ad-image/1015/4/4ce7464e-044a-40c9-805b-f546f30e30da.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

e33bdba6d6f3c2bad88f882a4d269c5af1fce07b2093d601e2b4dcaa7d1b78e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:36:50 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 161
x-cache: Hit from cloudfront
content-length: 140334
last-modified: Thu, 20 Apr 2023 04:24:55 GMT
server: nginx/1.15.2
etag: "6440be97-2242e"
vary: Origin
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: rmfegkxiCLHMY7xTSDf8c6DBpHQCFBvkb6zCt1as8APGS_QOUyFFbw==
expires: Sat, 13 May 2023 00:36:50 GMT

GET
H2 200 ad469.js Show response
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 0B52 25 KB
10 KB 25ms
24ms XHR
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ad469.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

f2c2202fdd3403d84d4ccacdcb4f8fd66b00af46808097f4332242536fa28c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 07:31:03 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Tue, 09 May 2023 07:26:44 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 299308
etag: W/"6459f5b4-62ae"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: s2u0Tc897ZIqvNwqh-83pZBp6EIXi1i5-AzsxWai0nWam8_NUJUhJg==
expires: Wed, 08 May 2024 07:31:03 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 0B52 1 KB
1 KB 23ms
23ms XHR
application/javascript 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/CoverImage.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 07:30:07 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Tue, 09 May 2023 07:26:44 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
age: 299364
etag: W/"6459f5b4-514"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: A_e8ODnDzopEG-dD79DI4Ulejypb9kXDj_SRiZb1Ex4D8VyzBJX2hg==
expires: Wed, 08 May 2024 07:30:07 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame C7AF 10 KB
11 KB 30ms
29ms Script
application/javascript 2600:9000:223c:aa00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2F1eNxG8&n=809&o=1&fc=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&d=1&b=2&ts=1&ii=2&FPCK=4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc&fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:aa00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: p9KFUDDWRO3BYYYEMVPNj1hfUD1eD.B0
date: Fri, 12 May 2023 18:38:47 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:41:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45
x-amz-server-side-encryption: AES256
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: FcEsKdwEZvP_lWgOaM_9xfnWddp5xYQwgcJBcUUtlRgz3k9IyHE7dw==

POST
H2 204 csi
csi.gstatic.com/ Frame C346 0
45 B 101ms
101ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhkwkgd5&c=286247961035&slotId=143123980517.5&ghmsh_eids=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLtU5so1sqe5N7ff+1fw/O8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtawOROhSLinjWH3rvU701kTK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=32356133
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLtU5so1sqe5N7ff+1fw/O8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtawOROhSLinjWH3rvU701kTK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=15529013
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 184ms
184ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEATRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916771598&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0B52 2 KB
644 B 99ms
36ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@900

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 18:39:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 18:39:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0B52 2 KB
2 KB 98ms
35ms Image
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@900

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 May 2023 18:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 May 2023 18:39:31 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304262219000/ Frame D305 222 KB
60 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "ccf36922213b3ec5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D305 15 KB
5 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "4fd619331b8f64df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D305 94 KB
28 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "6451d33588c99856"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D305 5 KB
2 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "83933b769a9f5701"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D305 40 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12938
x-xss-protection: 0
server: sffe
etag: "3f9bab308b30f46e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D305 3 KB
3 KB 27ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:28:44 GMT
x-content-type-options: nosniff
server: cafe
age: 4247
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 13 May 2023 17:28:44 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D305 344 B
368 B 28ms
27ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 22:24:04 GMT
x-content-type-options: nosniff
server: cafe
age: 72927
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 12 May 2023 22:24:04 GMT

GET
DATA 200
OK truncated
/ Frame D305 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea8b9b393a2914eeed95889a14481c60d628fa1de7fc8a24f5e7e187aa5af76d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame D305 0
0 38ms
37ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTp6h6RUqZMrTp-2Uoqb6xK-kyehhtSp0azQbrc6kkiOXCPEkuU87jIzJuSDgCtj0BN9Tg-igbXj8BJEQB8iNLsGiLJVQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D305 0
0 71ms
71ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdJNj44deZO_RGYnh1gaWtJaACceqwaZwlNHL2ogR2tkeEAEg0syBGmD7AaABnuWKsynIAQGpAtOkz6xtZoM-4AIAqAMByAMKqgTxAU_QBgZpH3YciDOMsendOJnSwwssW_W7QRvFP7gtxl-NsaGWR9wALXuLrNO7NPs7nQWNee9sT5Yx3-pGfqQmL_ADDrfa3r2s1MLXnGt4_Fen0oLYJeM2mzKtbEjfMP4lraBbzIoE-KERq0i9PiBmY173j2m-sTw393F3qVhXqZNPFxZa2TlRzk3jqp3NNHwbaZt2adeSCub05D7hCb04PRmPsNSXs4CG8qlfo63xrBJbpZF_z1dvcLJ4Dw56LsnE3zP3VlIaIcnW81Z7xBB6Re8oX3LgSQRZbJLsA9EUfkDbKGTcxo__I6r-Wac1s54VQtHABLryn66tBOAEAZIFBAgEGAGSBQQIBRgEgAeenduSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELDEBdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=e2FRJvZZf2Y&uach_m=[UACH]&cid=CAQSPABygQiDEFSs1hTsj3ovPKxISQPwu2U_3ODm91kZyYHGyJI67agE5kYrRGAlBOLqopQgP2l0QlwehuDKgxgB
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 ddca71f2-8ccd-41ea-ba09-ca891c903419.jpg
img.scupio.com/dsp/ad-image/1125/d/ Frame 0B52 32 KB
32 KB 36ms
25ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/dsp/ad-image/1125/d/ddca71f2-8ccd-41ea-ba09-ca891c903419.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

9dcb97a68a752b64c7962e23147454a8269d1ff3434d635371f673b26ffbe494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 May 2023 18:21:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1075
x-cache: Hit from cloudfront
content-length: 32668
last-modified: Fri, 02 Sep 2022 07:25:47 GMT
server: nginx/1.15.2
etag: "6311affb-7f9c"
vary: Origin
content-type: image/jpeg
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: 8RfrEJq80W4VpY0yF58mf8xIeG0lilXwxN06RLxD3WgU64vV8y-EZA==
expires: Sat, 13 May 2023 00:21:36 GMT

GET
H2 200 GW4354.jpg
img.scupio.com/ec/x/1125/250/354/ Frame 0B52 6 KB
7 KB 38ms
28ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/ec/x/1125/250/354/GW4354.jpg?h=e3a3208fccbd63eb3b5d68144114dabe&v=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

26bd909327013c41bbededbdffbf3f99275825a3d019b970905131b975852f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:04:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5678
x-cache: Hit from cloudfront
content-length: 6579
last-modified: Fri, 12 May 2023 16:27:46 GMT
server: nginx/1.15.2
etag: "645e6902-19b3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: d_EQe_J78FK5eQm37tTopJNZFyT7595qJ_nST_NnZeZeXU2ggDPB6g==
expires: Fri, 12 May 2023 23:04:53 GMT

GET
H2 200 HP8638.jpg
img.scupio.com/ec/x/1125/250/638/ Frame 0B52 8 KB
8 KB 39ms
29ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/ec/x/1125/250/638/HP8638.jpg?h=ea631ea7b2a116479ba3cbc95f47fe74&v=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

a43d6826bf5648f544c51c8f4be5ad3aefc15c724868de6c0fac6f216e1175fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:04:54 GMT
strict-transport-security: max-age=31536000
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5677
x-cache: Hit from cloudfront
content-length: 7749
last-modified: Fri, 12 May 2023 14:21:56 GMT
server: nginx/1.15.2
etag: "645e4b84-1e45"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: 6Inj47xoqCx-W-xHyI5RmB3obDgHgUcLebkhuwli_y-AlRmL7hSmLg==
expires: Fri, 12 May 2023 23:04:54 GMT

GET
H2 200 GW1490.jpg
img.scupio.com/ec/x/1125/250/490/ Frame 0B52 8 KB
8 KB 39ms
29ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/ec/x/1125/250/490/GW1490.jpg?h=d182144d9f88b6d5b74e79dd311b3ed3&v=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

2b5db8e470470e1b9e5034b6cc6ff27da56601ed7137eb20d0c307a1217fea2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:12:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5203
x-cache: Hit from cloudfront
content-length: 8194
last-modified: Fri, 12 May 2023 16:29:01 GMT
server: nginx/1.15.2
etag: "645e694d-2002"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: 3Og7XRoNeKsRKRu9sUvag3ImFkqfSwy9hnp-REOIMaQh_uCwHPqByw==
expires: Fri, 12 May 2023 23:12:48 GMT

GET
H2 200 HT5795.jpg
img.scupio.com/ec/x/1125/250/795/ Frame 0B52 5 KB
5 KB 341ms
331ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/ec/x/1125/250/795/HT5795.jpg?h=9b1183f862d5b1bd16f9edd0aeebcd7e&v=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

ef60d4e301c3e05ac60acef0d2d239fc29ac4ec9dd539463986d357d230bf3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
strict-transport-security: max-age=31536000
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 12:48:56 GMT
server: nginx/1.15.2
x-amz-cf-pop: FRA60-P3
etag: "645e35b8-12cb"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
content-length: 4811
x-amz-cf-id: r1MW352D47d2Dz9f8vlx5wOFRz72WwYDzlFakmsNEcqPt-uIAboYdQ==
expires: Sat, 13 May 2023 00:39:31 GMT

GET
H2 200 IC5463.jpg
img.scupio.com/ec/x/1125/250/463/ Frame 0B52 8 KB
8 KB 40ms
30ms Image
image/jpeg 13.32.99.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.scupio.com/ec/x/1125/250/463/IC5463.jpg?h=9586be2940484e518d2c6cde84787ae9&v=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-37.fra60.r.cloudfront.net

Software

nginx/1.15.2 /

Resource Hash

9c625b2dee0ad6874d1a0ad9f5af6af48f9fdb74e2db20a8e39fc8536636a38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:36:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3763
x-cache: Hit from cloudfront
content-length: 7763
last-modified: Fri, 12 May 2023 14:23:36 GMT
server: nginx/1.15.2
etag: "645e4be8-1e53"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
accept-ranges: bytes
x-amz-cf-id: GyAO3lTALWPR6W_-75g8Q4DoQEIC3C0fGNxtFsPeyFCLLdLI7CWh1Q==
expires: Fri, 12 May 2023 23:36:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0B52 15 KB
16 KB 93ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://img.scupio.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:38:09 GMT
x-content-type-options: nosniff
age: 266482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 16:38:09 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QIIVgvLfxatFR7OsobncBrQFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtVSWocA9oeUtxFRFFVIdEawFpL/XS6n3JDUtuF2LFFt/2wrLExwEDBX/VU/6b2ZUPgDqLhrDPec2v3OpiGhfzKOapKaKR2wAVfMUjVZ1EzAxiEssKvzQSRgW99IdNG5fYK6Eew8RzbYbRznr+pgcvpg=&cb=38254154
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QIIVgvLfxatFR7OsobncBrQFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtVSWocA9oeUtxFRFFVIdEawFpL/XS6n3JDUtuF2LFFt/F3HZOstDfNv1HQozQYeXxdXALHgM1WNDdp0kWkWlWLyapKaKR2wAVfMUjVZ1EzAxiEssKvzQSRgW99IdNG5fYK6Eew8RzbYbRznr+pgcvpg=&cb=42215551
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:31 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 238ms
238ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEBATRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916771856&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D0C 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:36:18 GMT
expires: Sat, 11 May 2024 18:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5E0 783 B
533 B 38ms
36ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2efa959490e8690ee22e57c7f551571aece6416129ce186cb86edee761b7973

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SikRacNOKf0iZroo1FdzYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-SikRacNOKf0iZroo1FdzYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:31 GMT
expires: Fri, 12 May 2023 18:39:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame D499 0
194 B 297ms
296ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz&mp=6c999d49-58b7-4970-b6a9-84a6f472bb3e

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/ Frame D499 0
79 B 292ms
291ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net/pixel?bd=6c999d49-58b7-4970-b6a9-84a6f472bb3e&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D0C 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 05:49:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5E0 0
0 126ms
126ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=1950118780903752&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5D0C 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d7N1Kg
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QB+A4jrZDU4m0lYYWVThTP8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtaGShH9T7aqO6j56Wp/Q7sINgKsnF2fSu2nDjTnPDenr2wrLExwEDBX/VU/6b2ZUPmjawHHtTVm9Acirlto/Y7U6oCccattW3DQwCGsxVHkcvOAamaPyeL29Emyx6+y0Mtk6bHTlIdEjmTcrj7e/sDs=&cb=20800135
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QB+A4jrZDU4m0lYYWVThTP8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtaGShH9T7aqO6j56Wp/Q7sINgKsnF2fSu2nDjTnPDenr11vuHWM/gXnt8B4SlcCC8XgwzsOyGJSAqbKrBKK5goM6oCccattW3DQwCGsxVHkcvOAamaPyeL29Emyx6+y0Mtk6bHTlIdEjmTcrj7e/sDs=&cb=24812093
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 214ms
214ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVATRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916772104&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame DA29
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

82ms
26ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH2Skahx078AbaY7u7b3eDYO4WyRVl0bhZDY0gA9YTgyrobptB9dNFYou60II4RfbjkSBkWswDoXf9iKO6Blu2XJtLRsDckMiqVx6HZnq4jhiEfShr8Png7Img5gk0eK9ZiEKAbexN%2FRYhtmsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c64c8f54bcb0274-CDG

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QJdJ2AfS43FPTDvTBPGN5XkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtesQWU44o9nLY5VhuFqOMpLK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=48402810
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QJdJ2AfS43FPTDvTBPGN5XkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtesQWU44o9nLY5VhuFqOMpLK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=21320403
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 196ms
196ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEIVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916772327&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QClSx+0Xn6BE58xYz3DN2lUFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbMUyltTeR9zfB+ANX3goGwZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=21476630
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QClSx+0Xn6BE58xYz3DN2lUFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbMUyltTeR9zfB+ANX3goGwZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=97349573
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 175ms
175ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVIVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916772532&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB8F 0
0 132ms
131ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=1950118780903752&bg=!6eql6r7NAAYldGN0BXQ7ADkAdvg8WpKh8Pwb0LU95uOlQ3XHzULHR-EDAouvTCDAlnDgbN7IJj7JtwEglmcbnWC6ZGrOmkZ2198CAAAAVFIAAAACaAEHmQLi9uiaOsBPYp3eE03ht-LP6eWuVCajLGYhOw0lFAocdxEQTr5UcCJbEjk9pkOfo_Wu5CkvNAf4GYbwQGZiG8pkbRjt_-uBq3Vf60ay9X4R3-DPxcZ7PqKnqXJEhqfBig2H9zcnwLU6EHakQYZx-A-_dDDB9FjvdkWMKd4h8yzUvuPlH3CvNPnqIaXMMo7q3t38eIApjhuNXcvibe1aoYOFZfEJFwiwwMSBfCH9PaEphpMIzT5VYayyJUjEPq65ayv4XlwAsbkDDkSNzP-RQm2Am7j54_b3XTIQDssl_wHOadhAII-QIyAZVtH9Xm08hnc5F8fSCW70ZiBv0hUlmgSezeWa8Wla_HdFUFJfMl1IokKUwRP0eSNFVHfzlbqivFix1wihIPxSiBQdILGRxtQf8EMLz1-c1bqC5vUsEFVymoRhQuBekob38LixUK_jSsKGeTd49cLgS68d6J_5Gx0u3Bsb-ib9_fCfwVOOZOmLSPhZntYSsQBoyf-X1u_EHVZ36RClvtaY68cOmd72tZhMVrTokvgFUg7ShDckOEFLHeL7Adf5HAl__mebLNGluRcfyQhv05EPQHergM3aVQxlAti-KrxBfzJfJ2zelNPMS3c8iNQRO5tDdAISoZB-jfWNCxQEtzY8WKbmrYoUNV10k9E6n0-1Mh3_E6oRDnf__djE4efn1ovu78xmoUmy0m-n_nyBcEU2iHZ5_DAej0sWa-W7Jz0078SOJVhPfs77vibsC4ojgxNt_lbGzskuK5zLVM8WO4cvSQSP4lpPnc5psnJIM1SCWS_LxADNAl4EVOLPM0RG3o9aS7C9-7ASds0BVLss1PiyZV7QbKqMh_uS1D_xQF-_7uDQjiLE5ie_szSiBFFZlqTQrgTCcNFRouNqmU2B3ivTbml6WP6LnBkviHn1dyEHdMK7SqgOLYl_-cKwRSWrvcJqyZaqWbqnkBYHVOIQlKY_1cu4YBUtNoi6RbS6
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 59ms
20ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 12 May 2023 18:39:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 265084
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame AAD0 2 B
372 B 24ms
23ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 296531
expires: 0

GET
H3 200 cm
c.holmesmind.com/ Frame AAD0 0
13 B 124ms
123ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame AAD0 35 B
266 B 325ms
92ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:32 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QD3Ah3MVBY8QzGzQLHWIpEAFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtd1A0rnRyp5DD2KVPvXzFcTK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=94296835
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QD3Ah3MVBY8QzGzQLHWIpEAFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtd1A0rnRyp5DD2KVPvXzFcTK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=56523426
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 244ms
244ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEHVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916772717&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame DA29 975 B
631 B 27ms
27ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8149
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCFAkZksFRQwIreopok8sW9FpturwAqAnYf53EYPiUpTSBhVNsCDZZRQ9Aw4uFIyl%2FcsGn5yRDMIjuUb3EnNSvBhShWt9lipyq9LW%2BQXXqCB%2BTD6tPUPPDz3KWj57qdHJVSjI3JGnfdGA9MK3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c64c8f59c0d0274-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame DA29 46 B
486 B 226ms
93ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: f9e5aa0fb28ac99f2b3eab96136b09e35b7a7d1eb8f0de20a1a1d115560d9372

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:32 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame DA29 686 B
1 KB 302ms
122ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2F1eNxG8&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.06493154806385859&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 200ef97a4ddfb724323a78acf5ac4565b869c9916c26f5e3e04a2a0622759f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:32 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: bf6e9033-b29a-366d-9e14-0d542be61e09
X-Adtype: html
Connection: close
Content-Length: 686

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 21ms
20ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 12 May 2023 18:39:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 276096
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame ADCC 2 B
372 B 21ms
20ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 294459
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame ADCC 35 B
266 B 272ms
91ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:33 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame ADCC 0
13 B 129ms
129ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72E5 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9N8S5MuYR4QY564ItWPsdTEUXu-KBhj6b2adgjtP-KdQPaXs2tyvpToP_NytOF4sHaZpTCq6SxbfKace9_LujfgMi0ClVRPattk0bembi0XKVQTAhRR-pZIOdeQNMMHsaN5op5ZqRa6xL4zf02G3AcI-IdWJ0BFuCt1X6ZQw-nqxIQbMpmG4NtCJm94Dq9ECVuZ61CV1IR1-CMVSWiyVJySzDwnvdFHXJWUQuy5MFrn5m71YUxQKHSK3zeSPWPFaQSKOaID90JQzixXk2mfC_6ADdoO2OYJTShAqo9sUqw9xDv7deViioddn54nFinbVZ_J0sle0HoWjTLZJque7Gwi4QXELJC4g&sai=AMfl-YT9q9enku-6P5QzZ1CIqvjXvj_0Di0b8z7iV0ffFOeTIt1nAYuD9tndZQx_mn8UmuKKYQge9ELpQLwfnbzPvo2L14Bvj3g2WIM6yD1zStTYuWBuKxTwHVC2p4RbBiGX-4xrKxU5Ey2x1pTtTNWO&sig=Cg0ArKJSzMvpt0498ad6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:32 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 62A4 714 B
816 B 27ms
27ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
age: 5745
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c64c8f70a57d70e-CDG
content-encoding: br
content-type: text/html
date: Fri, 12 May 2023 18:39:32 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcET16nR1mIj%2FAvi%2FWJReDT%2FCu%2F13jYLDfoNc9lWnVB%2BEwXrmo3b%2BpdyKqvShVYqmY%2Bf7j6Oduhz8UaG5cbdSI6B5bKalirLTgwicE4ygAF34YB0aZfnspQ%2BS3AnZMM5c4%2F2umxW5pbxoaFdIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame DA29 35 B
384 B 278ms
93ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 18:39:33 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QN2+Clq+7E3mUq8m5zn9UN4FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtaw4tb5Ej6vnA2RF7EJF7Z0Zzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=25698499
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QN2+Clq+7E3mUq8m5zn9UN4FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtaw4tb5Ej6vnA2RF7EJF7Z0Zzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=96227120
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 171ms
170ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVHVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916772972&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 62A4 74 KB
25 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcfafe22b8e5b8ecc7968f696adf971ba72c181c438bce9bd34a0dd6a2eeed2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25241
x-xss-protection: 0
server: cafe
etag: 349 / 19489 / m202305090101 / config-hash: 17614658845055861683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:33 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5BFB 74 KB
25 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c80a750fe1491cd99b4b774c84102f3524ad54b1caa314391e6a5846dd88b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25241
x-xss-protection: 0
server: cafe
etag: 970 / 19489 / m202305090101 / config-hash: 17614658845055861683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 May 2023 18:39:33 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 62A4 402 KB
124 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3856
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 17:35:17 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 5BFB 402 KB
124 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3856
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 17:35:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 5BFB 544 B
296 B 62ms
61ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:33 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 94ms
94ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMsD09YqqVXViLrtn4kY9MkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtb0wru9+ilk9nuOf3BFE083K5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=58955344
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 94ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMsD09YqqVXViLrtn4kY9MkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtb0wru9+ilk9nuOf3BFE083K5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=08167853
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 148ms
148ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916773154&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 62A4 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 62A4 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 62A4 492 B
266 B 63ms
62ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4369492487695154&correlator=4400284563331873&eid=31074470%2C31074539&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1683916773180&lmt=1644386353&dlt=1683916772991&idt=169&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=n4v6udgv61y4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1180550349.1683916773&ga_sid=1683916773&ga_hid=1923404584&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31668a5ba57259635575401d1228d49c3e995d4106b78d128f81e816df4d3685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CA2 6 KB
3 KB 50ms
34ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:33 GMT
expires: Sat, 11 May 2024 18:39:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 5BFB 107 B
122 B 37ms
37ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BFB 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BFB 50 KB
12 KB 338ms
338ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789888948059410&correlator=2038253106169787&eid=31074303%2C31074536%2C31074539&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13856-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3792348143&sfv=1-0-40&sc=1&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&abxe=1&dt=1683916773228&lmt=1683916773&dlt=1683916772733&idt=484&adxs=270&adys=233&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=c6izx6778gif&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Freurl.cc%2F1eNxG8&ref=https%3A%2F%2Freurl.cc%2F1eNxG8&top=https%3A%2F%2Freurl.cc%2F1eNxG8&frm=23&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1258364742.1683916768&ga_sid=1683916773&ga_hid=1426172671&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b7fd1f23b83c777ba7875de33710da9c2d25c2cd8ae130364870acc294499d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12413
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5BFB 15 KB
11 KB 86ms
86ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0dd6bab5cf6dbfe257549d1d98e2f13884bf4a8084ecd5dc90f14b2c2cc8ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11472
x-xss-protection: 0

GET
H2 200 container.html Show response
c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0322 6 KB
3 KB 49ms
33ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:33 GMT
expires: Sat, 11 May 2024 18:39:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62A4 15 KB
11 KB 75ms
75ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

664bad5b9fb7cae627480f4bf8f143a59965622aaa076badc72dfd1277bb73a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11385
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLFfpPCaf294kPm0mfenOrMFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtRKd8z7T0RRRQC6PrZJFhYQZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=59615022
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLFfpPCaf294kPm0mfenOrMFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtRKd8z7T0RRRQC6PrZJFhYQZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=50097162
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 176ms
175ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVGVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916773316&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BFB 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 18:39:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62A4 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 18:39:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60D8 13 KB
5 KB 28ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:36:18 GMT
expires: Sat, 11 May 2024 18:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1E2 783 B
533 B 36ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64ddcd1b63de5ac31289f308e1f2510236cdfa328406d0c35dfcfc7526e2b185

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-10ax_mTnlxmZHCePzhwTvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-10ax_mTnlxmZHCePzhwTvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:33 GMT
expires: Fri, 12 May 2023 18:39:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9FE1 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:36:18 GMT
expires: Sat, 11 May 2024 18:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C3B 783 B
535 B 37ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

542d7b76e782411217c025c99777d8d1c29f1a2788e1129ccb78d5f6625890c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0o8NOTs5c69c3Za9mVGobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0o8NOTs5c69c3Za9mVGobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:33 GMT
expires: Fri, 12 May 2023 18:39:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 60D8 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 05:49:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1E2 0
0 126ms
126ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=789888948059410&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FE1 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 05:49:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C3B 0
0 126ms
126ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=4369492487695154&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QL6K17oPPvjNKX6FoGyU+BgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbsy+OWbJboqooMz8eiC8ZfK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=98310644
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 39ms
38ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QL6K17oPPvjNKX6FoGyU+BgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbsy+OWbJboqooMz8eiC8ZfK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=40825739
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304262219000/ Frame 0B14 222 KB
60 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "ccf36922213b3ec5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 0B14 15 KB
5 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "4fd619331b8f64df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 0B14 94 KB
28 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "6451d33588c99856"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 0B14 5 KB
2 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "83933b769a9f5701"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 0B14 40 KB
13 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 343746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12938
x-xss-protection: 0
server: sffe
etag: "3f9bab308b30f46e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B14 344 B
368 B 27ms
27ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 22:24:04 GMT
x-content-type-options: nosniff
server: cafe
age: 72929
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 12 May 2023 22:24:04 GMT

GET
DATA 200
OK truncated
/ Frame 0B14 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0B14 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ef1fddce92642f05db3ac9ab0c8f72c573cad67532f2abe0e5c2bbe1dce407f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0B14 3 KB
3 KB 27ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:22:20 GMT
x-content-type-options: nosniff
server: cafe
age: 58633
etag: 4870481765684750750
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3412
x-xss-protection: 0
expires: Sat, 13 May 2023 02:22:20 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B14 0
0 70ms
69ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVLaZ5YdeZJD1EMTW1gasmL6oBMeqwaZwlNHL2ogR2tkeEAEg0syBGmD7AaABnuWKsynIAQGpAtOkz6xtZoM-4AIAqAMBqgT0AU_QiINcEjyngx27PEMs94syxS3SwpSVSD0c-ZAXpAu2INk8nCe45egp9NDItZZNxxpNh_hl2QHkC-eAaHGsdkGE1ZfPbBm42hjZ_OzQpwpQZNiTXWN1PPjXyHusNh9FRnuVKG_naLxzunoqwXuK5Fkb_uLBtQZu36vgfyDT-eZK_1fakHGLics7ca9jpABZF2T1HML2E36omy-FEXc0I1a2kW0-eJUbK364nytZargLs_GRio1kmIw2-bz_u-9B0196QtQguSY8q7xjIo10QfFhn5d1G5zTw0fza6gi69GFRFoR-hyzc7YK6UxBbrrS_-qP-lvABLryn66tBOAEAZIFBAgEGAGSBQQIBRgEgAeenduSBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMTJDdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=ifV0hqCUdxY&uach_m=[UACH]&cid=CAQSPABygQiDa8VpPWBycKGNJhLuxOax9MV45Bjtc4DoWIK2qqe-jxlcqntWkZ490Sj_9wjb2H7NBb4jQldQ1BgB&template_id=5028
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 150ms
148ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVEFVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916773621&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 60D8 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ACFJFg
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9FE1 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4c2Aow
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QPgFvssT7B4x0IEXS06nOXgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdteK9S47jWb88FphqfIljSILK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=19868753
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QPgFvssT7B4x0IEXS06nOXgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdteK9S47jWb88FphqfIljSILK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=62418135
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
142 B 176ms
176ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FEBFVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916773828&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QPKmQJXPuWNuGe45FksdORsFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtcPFF4IeqektTf8YRhCGO7EZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=57646498
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QPKmQJXPuWNuGe45FksdORsFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtcPFF4IeqektTf8YRhCGO7EZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=70039082
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
145 B 324ms
324ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVFVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916774015&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5BFB 0
0 133ms
132ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=789888948059410&bg=!-_il-KzNAAYldGN0BXQ7ADkAdvg8WrRdovL_45FKYa6QPZfgwqX0XwnbTqLKLq_u5Gy7p2htRbyxwi38a2ek43c2gdk83xmxPBMCAAABR1IAAAADaAEHmQL5Fbqw8jgeBPkhGtRLl4jctC77mqzxThzXlyb-miGTov-popgITrgzrTrk4V7EoZo1MLRwG3bwDxWXHzq9e7N-qirPRo0F4LIxVa6Nz730I11xp4LtTeIgh1ulg7wca6qu2GzbiB45ja8wmNnZ0N0c4HN8iFQNX4UFsI3UPcWYmRf1NwKJ5I1wv5b2Co2yK_zyLGjBrOHVrQ76M9rPUD7yzH7Qfv56A6fFWO6JLbeeVOrRjHap50nVREjKvmea-zI62p7ybvDiLnaymcpSErUdIbEtUH-gRKO65xVHqRYSL_54_Qy-pDVC1dhPwi8sI7ER06WaMe9t6ItJUrhlL4eGaQKW29oUGyACYq0pOctYLlXV4bWe-vSZwDwlwjPMdUX-98mkNVTVcgCdtSQvpmy2RT3lrAu1G0bdah_NJ_PsEk_nXCVHtMpXrYAnj3wtgqduYmx1vubfQ0Z6wbcBmWeHO-vtCcd3DlWES35RiHpKLaL3xflwyVN47nfytZSSOfdqk9MBIh9xh-tTBANT2Wq8vlCLb3QBPXEuN0tNut5vkOoawvKbPAP2K0s4klZ1OfhiFj5zL-xMXAapll62CWV8rc1VhTu9yVc3u986gmUrWZIixFIuZHLCOXLoothMJJ2T0JsiDFGIOXohL9d4VyFe6XPVTFdmFKo2a52RUyjqeNyRHV7_WYEQfnL9vgpM5XCIYEoQPEr9SlUu1VRkjPK5BZ6LtrOMZchC-biLhuo6se3xXLwxRI9nJMbybylZiItOxUXuT3DRFLDLcOxXBvUlAuRYvJ5i5lYjuK1qLwKJnTIyATOWOn85G0N872g5j3YAw-w41eBq_1RO07mHIKs5kmcOKQv77AfI1_pH4UG_hFBPvFQyntuZYqZdeQT6G5QFniLYlOjFo7g09Ufj4aO0gkDbckNc2O2ttf4fZHrIRMpc4O3qHqVZnI03Zvqw2thk7RtV8IbtnaKLjm11TZwX5Tr0tFxrH6RhcMEzLALLUuA9MsTBWvtJ7Sg
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62A4 0
0 133ms
132ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=4369492487695154&bg=!s7ClsOTNAAYldGN0BXQ7ADkAdvg8WmypMoPR5HYqwdiwV3ownMFD-n9wO5wUA17IYwBnFd0uW7_6bpv9HoQpyqDOhh2_O_WYwNkCAAABVVIAAAAEaAEHmQMLkCNWXyoOuM27sIcNZ3WCUmVm1aIfAjON3pP1-KN3ZepgX4OQX3ckyvnVDNvE7x9m7itInte7ZSnpb4ML7QjtnAlliyap5OY4gAjaL78Skpy2fOzAPfXfLLR1WjpZfKjuQKc469BJJ-D-tg1J29lons72D25FvczjjyLJak-M-iMUH4RsAry2mA5mhaUiRgSsxyyTyx2S0mK0m1gSp52HOU81GCDqH8hXyV4f8lbLgKh7XyZKTzkQZzanNmBohxUh0ge6cE9OgobVsBuMY63z1s6zOYYw30SVj1lYUbtEi3zcqcfyEKHAhLl01R-LyF-m7tL-s6s-gi2uNcePNbumLH1MhUjTLqZ3VQT27uvjuavoh-Pbv6izXu5er4s60Hg9tUlRtx7D-Q1gZUMThO7p0kZdbCZ_MGZKqccDfKxBZqdRkmv-qCDGw2TI7iMeISWMcUcHo6Wv7dNc5Or7I_jRKiu-9PE274bjiUljnu9GCOfnG77lLFIPSQbkrGmpaCPwtfuXzplIW3SLazKcxSktatXaelD2rw7K1xCCp3J3lYyn7oqBECUoU-LPf2xWPvHqFU4_WP5RcKDtVWCYXDG3cuT4-V351a74E7BQ1V4JTMYahC14fhTeVumD0FsKSeCwwgDdGWN5JKrgXl5nqxpV_RVdWeCfilKsQqoNK76Bhq014Tgt7ExRX1MV6oct5HiyZ7oYRfoXvSVysBru6V0SfM_mAfiMssxneYVAXznWj2DjrXdh-YXUFTbP3lKecz1gT3TXDOVPvtIbgDYLic6-r2UgKqPTRMzNtsB2wsPPz0FP_KUcTlHX_1LnsUuJ5bssirtE4f1JgAetVyLz7x1xjSQOIot7U_DA9Cv0i2GEyAG7a8VimkMMBy_k3InTdVQrBMDQvjo6an5Ejcz83M7Notzt-urbjNWCuHa-g9cEnJTwwiD0NS4OGJMUD4B10uuz66Y-tEXY8R_aTQk68K1tqPCEN2gIKcq23LQL4EL3Eu2dTcK21_ydh8GKP44-6yjOClPceeUjtf9yjw8
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMkMy2WrkE+3LFPsG6LAZ9IFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZbMGEYye3dkp2sDpxJqJonK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=82893927
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMkMy2WrkE+3LFPsG6LAZ9IFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZbMGEYye3dkp2sDpxJqJonK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=50624785
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
145 B 246ms
246ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEEVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916774353&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QOW1w0HEEAFLkFQbevKnrg0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbpCCTXvq8l2PcQmm+PwP7sZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=91974946
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QOW1w0HEEAFLkFQbevKnrg0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtbpCCTXvq8l2PcQmm+PwP7sZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=47061564
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
145 B 158ms
157ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916774609&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QBh7EvGqqIpZGBgD7I0w7r0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtT2LenupZovBOmaAiWaZszDK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=68308581
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QBh7EvGqqIpZGBgD7I0w7r0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtT2LenupZovBOmaAiWaZszDK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=84784419
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
145 B 153ms
152ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEDVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916774777&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0B14 42 B
64 B 138ms
138ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK1D47CfyHa9gp3FjpIab35uvuaz1BKCMtUF7l-qt3FXAs1UqxLCi3C8OvIIym47_a5z291D6dyzxPTAn8xq01G4knb8Q3vB4s1Mb7zwegMtK5AJad4TOJuB9A_94diU5CP2EFZg&sai=AMfl-YTTkButJ_zqaJK-QRvB7zYy4LiP1fLFnj1cCMadui1g3C2sCu8ML-4jJxM8kvG3pemG4-csybuBwfcMCiGbJZmm60czVfURgYDXgZcXEcI7_I8bk15g6eScxLkN&sig=Cg0ArKJSzF81_us_Gp2fEAE&cid=CAQSPABygQiDa8VpPWBycKGNJhLuxOax9MV45Bjtc4DoWIK2qqe-jxlcqntWkZ490Sj_9wjb2H7NBb4jQldQ1BgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=208&tls=1208&g=100&h=100&tt=1208&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/1eNxG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFAtyrL48l7Bpgo3tEl3yhkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdteITi/P2dMTmQeYkshqLQr8Zzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=53155567
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFAtyrL48l7Bpgo3tEl3yhkFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdteITi/P2dMTmQeYkshqLQr8Zzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=84428622
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:34 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 190ms
189ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVDVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916774939&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QHXk70lxs1FgvSW7P4gju40FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZvt9sOxLGZT3z3AouOT7unK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=57845264
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QHXk70lxs1FgvSW7P4gju40FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZvt9sOxLGZT3z3AouOT7unK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=12424978
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 143ms
143ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVECVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775137&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QISGYHIhejQYGaWZvM4zhy4FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZpBYRIYjQ5JKBb/1VdJXj8Zzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=76116540
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QISGYHIhejQYGaWZvM4zhy4FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZpBYRIYjQ5JKBb/1VdJXj8Zzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=50113264
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 164ms
164ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVCVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775290&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QD+qvtztnhBFk4nGS3fpvzIFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtS1R0k6mfY0wL/jxaPBc6obK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=10373446
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
37ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QD+qvtztnhBFk4nGS3fpvzIFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtS1R0k6mfY0wL/jxaPBc6obK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=90418966
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 162ms
161ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEBVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775464&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMn/Rjj4GuLHv3xNRLNdHHQFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtTS7+9McRlbiBQHof08QjwMZzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=41925034
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QMn/Rjj4GuLHv3xNRLNdHHQFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtTS7+9McRlbiBQHof08QjwMZzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=26867228
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 163ms
162ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVBVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775636&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QOKLUgqQnMNi9KJ08EMlss8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdri+i7eUyzFn1vicP9/HmjK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=03432737
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QOKLUgqQnMNi9KJ08EMlss8FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdri+i7eUyzFn1vicP9/HmjK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=01096980
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
146 B 153ms
153ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVHAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4090810122352377&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775813&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFB0tkKQwG6mI9/QkRpngOwFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdEUweJVqp6HMTJgIQ1Ng/XK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=62378432
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QFB0tkKQwG6mI9/QkRpngOwFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtdEUweJVqp6HMTJgIQ1Ng/XK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=96224328
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 172ms
172ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVGAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916775982&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QB+q5wtaWQDKki17EYHstFsFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtcsT8zlsQEMpY6lGWFLRl5vK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=87665639
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QB+q5wtaWQDKki17EYHstFsFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtcsT8zlsQEMpY6lGWFLRl5vK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=03897322
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 213ms
212ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVFAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916776163&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QF7mdwc/Ih2QTyKs+c3TBDMFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZdF20U8LbstnhDt+RNkjg7K5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=29052406
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 39ms
38ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QF7mdwc/Ih2QTyKs+c3TBDMFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtZdF20U8LbstnhDt+RNkjg7K5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=31678249
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 167ms
166ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVEAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916776386&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td8_tt5_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLMsByZwW2ewXJVQimTUqwgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtVWzclh+A+FyyurbzsgI5F7K5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=54461322
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QLMsByZwW2ewXJVQimTUqwgFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtVWzclh+A+FyyurbzsgI5F7K5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=49133619
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 196ms
195ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVCAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916776582&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td9_tt6_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QBGsx9AClKGklfMsZFVIbxUFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtROGEQXQRm5849whFVhOmOTK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=16169403
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QBGsx9AClKGklfMsZFVIbxUFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtROGEQXQRm5849whFVhOmOTK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=92380110
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 158ms
158ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVBAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916776789&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td9_tt6_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QCRysuK9NaGRy9L32uw0lGwFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtYvhcS887bhDLApLDHuXs+nK5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXOHUfDUxRoMEhmC/Kcwu7EQGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=18094161
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QCRysuK9NaGRy9L32uw0lGwFMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtYvhcS887bhDLApLDHuXs+nK5mKfSOaPtT31YiPdUXTefTByheM6l0l7UC8W+mjYUXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4NzNd49rcGxx+nHM/eED1tHyeWpWXpSorok3JnMEANOFGY=&cb=44194028
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:36 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 156 B
147 B 164ms
163ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVAAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2401263701&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916776958&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td9_tt6_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
93ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=SBTzXbyq2LPByXruDLNupdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QAakcbCWxEz/RbjpGsNaFV0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtWCBy73KVnd/h5yLhPeMQB8Zzhot0SyIu41octV/2mwL2wrLExwEDBX/VU/6b2ZUPuq1/hIfo8XV537Nl4VRw5FNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=83779437
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
server: nginx/1.6.2

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 39ms
38ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=pGsoD5va4jLBUTrNW9jqqdH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QAakcbCWxEz/RbjpGsNaFV0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtWCBy73KVnd/h5yLhPeMQB8Zzhot0SyIu41octV/2mwLWo5MjD/Bz+AwOLWI+Oomrit77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=25615770
Requested by: Host: reurl.cc
URL: https://reurl.cc/1eNxG8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
server: nginx/1.6.2

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C346 80 KB
17 KB 215ms
215ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVAVTRVD_reurl.cc&description_url=https%3A%2F%2Freurl.cc%2F1eNxG8&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2842590311171414&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.572.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=482189538&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.572.0&sid=19B64489-E6F0-4111-B881-4CA165782E70&nel=0&eid=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Freurl.cc%2F1eNxG8&dlt=1683916767683&idt=3201&dt=1683916777138&cookie=ID%3Db48308993571ca5c%3AT%3D1683916768%3AS%3DALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ&gpic=UID%3D00000c1523dfc046%3AT%3D1683916768%3ART%3D1683916768%3AS%3DALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ&scor=973804035073448&ged=ve4_td9_tt6_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be35f43ec965ec35ede5aff287f5238e3fd4ab80f5953b0e63d98351ad572e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17570
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17C1 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0fyAehSbtwFsF5rRkMyBQoeBTgnvO9Qkn60RglKqduED9eq-bp7vefWaMwh5jXBHbHjt-7SsEj-Cu14PF2nbpP6cpj6tK9nu7SHMJ-lkCqgii03--RUH2Vj20Kpy-90OFw54JtcCScRiNLXvVqwB7vRvxIe2Imp1IIpuM5_6WosevPQ70b8tAF3rIcPFu8TuRbq1tBKMlE7vstmXu1rMfFinykENwLlHdzeSagiOBymCPcWz5djc6fRLgRZpGVjKwRU1BRwuQI-J234N1gRa6oJGMdHz4v8SVAMW-DWBnzhqTp5KN2fl1-mA_cRus4X9STpjE9yiRfKUE0gUoy_lBibCVxeBv36s&sai=AMfl-YRDMiScpsioaHTbIOAwKuX_lOk4q6H7QIB11dP0uGXEUDc1LhV7cjCIvIQ3XyMHyV7gMHCaZAQ5FVSPkWFPto5k5iYaGPiPZJrfGIfkxltx_pap3CDI74NkzkRNCSgMi-LwbDOkx6OlJeJUzRt7&sig=Cg0ArKJSzH_PgXY7Dr7iEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 18:39:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 76ms
75ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c776814cf728ec02e050a5cec7108742050e4783f7aff9a1b432ba847985ba04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11442
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4F4D 15 KB
6 KB 24ms
24ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 1290954
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4F4D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rD8VkHx2WCszelEwSEFJV0l0OG5jS2prYklUNGVEZUNqb3djc1A3Z3hPNDFjQnF2ZDhybUozeFd0MnhrZjdLOFlIUzR2cWpZWDRlWWMrYUk4SUtQMVFTdlJUWml4Vi9aSlBFSXU4VWZnbHRxb1YzTlpVYzRZb2Fzc05YeW...

425 B
655 B

23ms
23ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rD8VkHx2WCszelEwSEFJV0l0OG5jS2prYklUNGVEZUNqb3djc1A3Z3hPNDFjQnF2ZDhybUozeFd0MnhrZjdLOFlIUzR2cWpZWDRlWWMrYUk4SUtQMVFTdlJUWml4Vi9aSlBFSXU4VWZnbHRxb1YzTlpVYzRZb2Fzc05YeW9lRjJCVitCNmEzczkrUXovSklLaVlSVUZFTkorVHJZcStpWmdmU25OM2dXVmtNaDBxTmd3VHZKMU5lLy83NFBCVTFHS2J6K25YOFVEK0wwTlFTWGF3MHkyUW5qOWpqbG40VnJCTDhmckVERlZiQndQbjgzWk1GNXlDR2o0NUptM2J2czJkVEllc0Mxbm5Wa1B2V0RMODYvWUU5U2N5UT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8148f9d824b7e3e14f3cfc9d489abb3625ccf446b1dec8e53a1b6ac213b8457c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1064575
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=rD8VkHx2WCszelEwSEFJV0l0OG5jS2prYklUNGVEZUNqb3djc1A3Z3hPNDFjQnF2ZDhybUozeFd0MnhrZjdLOFlIUzR2cWpZWDRlWWMrYUk4SUtQMVFTdlJUWml4Vi9aSlBFSXU4VWZnbHRxb1YzTlpVYzRZb2Fzc05YeW9lRjJCVitCNmEzczkrUXovSklLaVlSVUZFTkorVHJZcStpWmdmU25OM2dXVmtNaDBxTmd3VHZKMU5lLy83NFBCVTFHS2J6K25YOFVEK0wwTlFTWGF3MHkyUW5qOWpqbG40VnJCTDhmckVERlZiQndQbjgzWk1GNXlDR2o0NUptM2J2czJkVEllc0Mxbm5Wa1B2V0RMODYvWUU5U2N5UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 342460
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 May 2023 18:39:37 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C346 0
45 B 103ms
102ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lhkwkglj&c=286247961035&slotId=143123980517.5&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=QEGx472uSkw&hghme=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5110 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:36:18 GMT
expires: Sat, 11 May 2024 18:36:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA7D 783 B
535 B 38ms
37ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

171804a6fba37601e88d08f781560b483d8be6c763e76f2f2d42dd2c0346616c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AcMh5vFxLLvG3PuW63nrdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-AcMh5vFxLLvG3PuW63nrdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 18:39:37 GMT
expires: Fri, 12 May 2023 18:39:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame C346 0
54 B 101ms
101ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lhkwkl20&c=286247961035&slotId=143123980517.5&qqid=CPWz2Oq28P4CFYjV3godt68JkQ&gqid=6YdeZLC8Ceu8-wbe9KjYDg&fb=ima_html5-lima&sdkv=h.3.572.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lhkwkl24~ghmsh_s.lhkwkl25&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=QLrfpQIWMghVPFbT
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C346 0
0 127ms
127ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3042440490745153&domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C346 453 B
478 B 27ms
26ms Image
image/png 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-8787923930478618

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:57:44 GMT
x-content-type-options: nosniff
age: 2513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 May 2023 18:47:44 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C346 42 B
68 B 64ms
63ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CYWmX6YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT_AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfdapCaAZ1pZC5qWmGussO1GGd1kEfkvNJ3Yp4iz2IL6DMysVEemVN1ANmwxZ7EC88AEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ4XjpdKKcL_OACgPICwHQCw7gCwG4DAGaDQEO2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=FGkr9g8YWQ4&label=show_ad&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiMQDyUAAGRCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame C346 0
0 65ms
65ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CNJX46YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT8AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfda_CcqWlBrvLoEU7A17gLfJl-aN0_5JL3SOYOdwCpr6uoaiMmNeMWJyO1viMAEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqIw9qAgB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAcITBhicr_uoAtgTDNAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU3Njc1NjMxODc5MzYwMDYYqLx4&sigh=8HjSmciraCQ&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiD_PBGi_96tF3PHm5GkmJkjuWv7mrlM2O4WnH355_ErY8PdKFjIm4ax6vj0k0yrj2EIPta7QEuqxgB&vt=10&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiMQDyUAAGRCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=C539hZwZWj80VvZcqhMTkK5s6iSvtNo3YL0uza8ZN6mtCkSKbn9FR1c/B51u/4V6//CKWQX8agWhGIvjj116/48D5jJp4DskvGFPBbpCKTlN7vBqDTXR2jS6nu7TGWz+/3W1VijP5Gi8D9JkRIrbQJsTYfxDoXqZNOcbYQdrm/xRFSW7p2mSnnGzxXjtJ7Zy6GKp5a7RNyO2WAXtcDlIlI4oaOo94bYhN+MA+wU77OBt39DXoHcBRD5H/hdgcKiDILtp8McPekHGFYjmc3vxUXN/Ft7WYz/LeYjPfhNVGzPzNn58VS1TkNpow1KO3qs/6lIh02LwacMuQ5if5E2FWvGikhlKkjTlRWklHJjhG1A=&cb=79944868
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
server: nginx/1.6.2

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 101ms
100ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lhkwkfww&c=286247961035&slotId=143123980517.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr1---sn-apaapm4g-apae.googlevideo.com/ 3 MB
3 MB 118ms
71ms Media
video/mp4 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1683945577&ei=6YdeZLXqEeHjxN8P7teNsA8&ip=2001:41d0:d:364d::5&id=4041b1e3bdae4a4c&itag=22&source=youtube&requiressl=yes&mh=Hp&mm=31&mn=sn-apaapm4g-apae&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=57.051&lmt=1683051791611958&mt=1683916386&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgEXXtpQ_6ZvYUcF5-ntwio0Nd_Uj83xnkJv6hgVzazw0CIQDfwGiWoOULF4PLxx8eFcwZTE0xlSuqIw1iIEi6CwmJHA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgGdX4mQ-8a8M-qcf3g1l0xn0tqF_stkWsciCsEK9h8CMCIQCVB3PKVY7iL8ir2wWprivLR0_6IV4wCA_dodPOgxZdaQ==&cpn=QLrfpQIWMghVPFbT

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c09b6c73cf4770126260625233af685c356cd39329f6d99d9c8e574a8d7acedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 12 May 2023 18:39:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 May 2023 18:23:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2763871/2763872
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2763872
Expires: Fri, 12 May 2023 18:39:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA7D 0
0 127ms
126ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=2915345233509665&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5110 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 05:49:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5110 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A-Ynlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C346 42 B
68 B 66ms
66ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CYWmX6YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT_AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfdapCaAZ1pZC5qWmGussO1GGd1kEfkvNJ3Yp4iz2IL6DMysVEemVN1ANmwxZ7EC88AEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJ4XjpdKKcL_OACgPICwHQCw7gCwG4DAGaDQEO2BMM0BUBmBYB4hYCCAH4FgGAFwE&sigh=FGkr9g8YWQ4&label=video_ad_loaded&sdkv=h.3.572.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiMQDyUAAHhCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame C346 41 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 18:07:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C346 0
0 127ms
126ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.572.0&e=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&id=ima_html5&c=3042440490745153&domain=reurl.cc

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame C346 0
0 69ms
69ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CNJX46YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT8AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfda_CcqWlBrvLoEU7A17gLfJl-aN0_5JL3SOYOdwCpr6uoaiMmNeMWJyO1viMAEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqIw9qAgB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAcITBhicr_uoAtgTDNAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU3Njc1NjMxODc5MzYwMDYYqLx4&sigh=8HjSmciraCQ&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiD_PBGi_96tF3PHm5GkmJkjuWv7mrlM2O4WnH355_ErY8PdKFjIm4ax6vj0k0yrj2EIPta7QEuqxgB&sdkv=h.3.572.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C346 42 B
68 B 67ms
66ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnpLZ6YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT8AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfda_CcqWlBrvLoEU7A17gLfJl-aN0_5JL3SOYOdwCpr6uoaiMmNeMWJyO1viMAEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=Jww_3iFzk3A&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D57004%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D6573%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D449887552%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D6900%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1683916777398&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiYQDyUAAHhCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNIzAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C346 42 B
64 B 133ms
132ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBuH2XTkCQvslp-loSSFBLpypz4rXCPjhFmQyQINv3dFZFe-FNJwORS0Kz_cHTfgXpbp1q-lfQvLPAYGByw0ZyN4i1dv49ZpjaHwJfwrZC_fovY24dWTfcPRVUD-HfXUTtm6zcfWuiFDylg_6NFbR49prwXK4E5Cpd&sai=AMfl-YQrI7_l2qXJ21sSIVSuruaXyGOxEa_5lfTQ4JBXe_-QC0rPJcXhe-WeHoVBZXhQhRRm11sYBI4EhAuk2DzNB1l_Bxx0TTCXBXHUMvjB_GDEcTC8sUXbV0i1Hfr2&sig=Cg0ArKJSzBrsF7ZKAZBxEAE&cid=CAQSPABygQiD_PBGi_96tF3PHm5GkmJkjuWv7mrlM2O4WnH355_ErY8PdKFjIm4ax6vj0k0yrj2EIPta7QEuqxgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D57004%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D6573%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D449887552%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D6901%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683916777398&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C346 42 B
68 B 66ms
65ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnpLZ6YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT8AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfda_CcqWlBrvLoEU7A17gLfJl-aN0_5JL3SOYOdwCpr6uoaiMmNeMWJyO1viMAEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=Jww_3iFzk3A&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D57004%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D6573%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D449887552%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D6903%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683916777398&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiYQDyUAAHhCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNIzAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C346 42 B
68 B 67ms
66ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnpLZ6YdeZLWbDIir-wa336aICebRkJJwtKvxrPoQsJAfEAEgk7rOgAFg-wGgAZyv-6gCyAEF4AIAqAMBmAQAqgT8AU_Qw8x8bdLazb715NxEjE6fkB0eLQNgTFI-vtFGcEmZKoZLPySfPfVoFy163tIxNnNnxC0iPt4mocMWqyssOBjFXa3DXStUDlq68xDRWHMzBPj6KSAQK50jzHCIHsjU8vgrrFs_k4GL2p8Loma7CoCl0WpqO3Ld-FwTuDk-IslDcu8N6sXF6Btp3ILb8h33otIPHxnF_-TPbR0SIIKEn0AeG5cCVfCYfGRAbmPWy5VvjId1jQSa9DPjO8OmuJG6_4UFDomQWoB188BNGMMghfda_CcqWlBrvLoEU7A17gLfJl-aN0_5JL3SOYOdwCpr6uoaiMmNeMWJyO1viMAEp53m_qAE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=Jww_3iFzk3A&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=admute&ad_mt=0&acvw=sv%3D951%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D57004%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D12%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D6573%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D449887552%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D6907%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1683916777398&sdkv=h.3.572.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MjU5OTA3MTE1NjIMNjU2MTY3NjI4MzA1QN4BUiYQDyUAAHhCKAE6C1FFR3g0NzJ1U2t3Qglnb29nbGVhZHNIzAFQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 93ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=FLVyXWeZIyg6tWrOB3zoYNH3pDm0eUGzxKsdz1D5mpdSvjVBbEUumUENH21XMXZoBPafjwrAEP6lcSHp+JVPj64JmltCjCiQUwQ0jQuUsUsXlgrt6IkSumrLaCVePOARSoxseDhD5qH+ZI3eZlQ0QAakcbCWxEz/RbjpGsNaFV0FMiQb0wF71quFVm0MYNn0TnsS0yIHV2itseorQtwdtWCBy73KVnd/h5yLhPeMQB8Zzhot0SyIu41octV/2mwLVFF7bWJInvYLNL2sctrhtyt77Wi9GWtipmKd4YD93FRNI/NN7pgGrB+DtYaHMdOb038YVDB2bn4HbFXtdgFvl9+LDGgrV9P24aQPCeHLgAI=&cb=53290193
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:37 GMT
server: nginx/1.6.2

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 7021 23 KB
9 KB 46ms
34ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 330504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 May 2023 22:51:13 GMT
expires: Tue, 07 May 2024 22:51:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7021 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 05:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 05:49:54 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame C346 0
0 97ms
35ms Image
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44730895%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&el=adunit&cpn=QLrfpQIWMghVPFbT&docid=QEGx472uSkw&visitordata=CgtLOTdfSjg0aF9acw%253D%253D&of=oxbroc6Fb5TBKpV5wmIprg&ver=2&cmt=0.219&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Freurl.cc%2F&len=57.005&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=113.0.5672.92&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7021 0
20 B 132ms
131ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.572.0&bgai=BtVFA6YdeZLWbDIir-wa336aICQAAAAA4AboFEwjw1NXqtvD-AhVr3t4KHV46Cus&bg=!SEulSx_NAAYldGN0BXQ7ADkAdvg8WjUpGmAfQo7d3VxRbPny6Sk0-QuIYe58atN6DyXPQuDBawx8T6yl8UZc-EfIcxGalRf_9_8CAAAAb1IAAAACaAEHCgAYFQUJD0t9SvX5UyfJdb8eAHWbUTd2KhNGmQJMxfPGDqyrykZPVSbjCR9Zr_ZcX8xkc9DjqQYwal4tzQXr0fye7oaPeCuLKUW67rA5MsOVOxfztwMAXZzgM8yI0xoQtYPiKw7aVdGTdlvrEMSiV0XUh3la6og9953SSa9fhIC2uK-ce3RrRJC4FIYRfgHhxJamiSS3QS9Gk468kSTjSNPmcjDsSZq7e5L3StQk7pUStO3pUT04UuBPy8DnIxhCGriEBzRYKSZPrzlRVFBC5lkQ9miqIayUH1tSuJM-WpAy5U_IuZyM4zT4_Ad_Va14iSX2Yu43lIHZy1dQCJihHIqq8Fhl2CmgmKo8UdnM0a_l7tm51w4I-x_cYS8oSJP8cjA5sQH_pPhsGuOEdMLuzaiDOFbwEM601w5mp--taAUbcL4mV2t9AJNcyHW6X5bU3_2l3TsmR2vRw2ZvTZcWVDQ0yEdasLYrms_FBTtKG9F6weO84vPy-dHIgYM-qYY46IG3VAjbP8FQZflPrBXjDdGgh2c1_yVd_gUQHSu58_mwLAXEFLnC9Wq5qws4jwY3RtlwZCGaaENDmYy1MAakC822bl64ngxzLTnW_w3A0ZMDvlP53uIg17uY-SmodcUs47SULc4pnBKHDKJqlSEHl-q05rJ9hmjfsTKV91pCsUBAMNOZZlIg_mfceC-DkRdDYrRLbuXelPHLtrOJU69iMv8JcOvTJqqqfeYNcnvc7Nb_8z3Dn_WUoZnO_DLutiqlJFV1nioNtoENBiK8nccp4DaQ8QxCKGS308Rv83jXXuduzLdCIHO1szBR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
132ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=2915345233509665&bg=!U1ClUATNAAYldGN0BXQ7ADkAdvg8WuH9u9LJafE6Sy8SnmFObVpYa3NHNYPP2X7pUzi1CWrdaqR4X_ue3wwJUKeZ3LbxZr84_f0CAAAAXlIAAAAEaAEHmQKn-qy9xl2ZBUAbOo3cgy6og5BIjft9bNUeI7l6z9LVSxVH9_U4ocWCvoJHJULSFcayWkSxkfoiPoURnJ0AxGbC9HWLGSEwI2kHAVNlr7yhIy_-8tTfFMW1FtTOyRtdAlU7x8hCoDCOd5LxEPYZVsyaPf9iv__EDcFbv5sWNSy5wumgybLk27kXG46v8fcMf03q3oCrKRmnEqKfEEWuqW4UstPVEk_Q6ixZNuw-pphVfVmv8_LEbMcJmVoK5-D-cBNm3cZ1LQUTIgfajYrNuKBG7UqvkvzlusPkkrANj-0JxXsvJm-0fFKpwXpPo8nNlDu9FqZjENEfTVT84_WWgyAOQ3GALSxMvGfUgx4HO2CpZNmfPglft2d-oTDx0puZ0a3xIWXucK5tTKZdwJ0lipO5kV46WEGfh3YuaKyhtrL5ByCTTtB7GzNwoTQqsSi8A6XjSzC1KJurJQi8-RXf2qafLqaUWv1hMo2JRpqvwP0rJ181_pEi80VOXJxjjlNUcXFWaV5UNHns7n3ScYxOzwbZ5nILDe1bHIsaD6fj9bn8_MEV41PVKg4uXlu4Bq3R2zwpUkeJOy7UngVcTiQKWsT2aeDgpwHmi45r_fhfZ6fCnMfM-T8FkY12YpeU06UrOP49MwJOcqREmrLuRfhc3v8xbpvX8QfBmLvKzVMp7OvGhwxJCPwgOHKKl3wVqMiCPUzB4rIc1x3iucVRDHvTCCC_18E22Ry2_4gNAwGaheQoTeJOlOhYRcAJHNIh19GMOdxtnd49S3UnSPiut0UJwSQ_NXlXPBHFHvtLckZ1F4h1I3zZHcMgLHYFtOMtZ2xth0FIg4WpupS-FtS1n_0HHY6xdeGnr4LvpYG3yW2KIoP5HL_6h7II7pADjZMq_mZFLH02UClkw8H-CA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17C1 42 B
64 B 132ms
131ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-WCsvWHMZf53lmLGu2_K24v-zPryvruvwezcOshRUBjx42mE3dTVvNNWMJUdDdZQ0OA9_4eItlOSoG48sK1PzTB03JQznVlAxZ5rHCsLxjh2mddX4&sig=Cg0ArKJSzPzGNTAi3SsgEAE&id=lidar2&mcvt=1001&p=108,270,362,570&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683916769404&rpt=7781&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 103ms
102ms Ping
image/gif 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lhkwkl3d&c=286247961035&slotId=143123980517.5&met.4=hvd_lc.lhkwkl3c~hvd_ad.lhkwkl3d~hvd_mad.lhkwkl3d~hvd_admu.lhkwkl3d~hvd_src.lhkwkl3d&ps=640x360
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 92ms
92ms Image
text/plain 34.204.114.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=i6D/tYZoDdpkdhn6g9bpoy+nqE+Du9IXXNqbPttbnajUIBSARlZOqsrKtiixt7HCfcPqT8eLDMYn3Tnm7sQ699LLi+v4WX2moTXTwnEUO9+V8hnZRd65vIet/JcBd8hHg5QrALt1X2b3bdZ8wSUvhb/sAlF3BBm0A3DtLwUatpnc/EpyC6A0G/JbJv8Zd096kUfyCX09JgLDky81PIGZv4AaBRsVMSQYUVFOdIj6Pj3K5mKfSOaPtT31YiPdUXTewM2ZCua1Zl8BebX7mVYKVXkxT/sNQR/cl0leS0J0JQ8QGeqS0fJSMLFAuOpfI4Nzq4UeK7aM81zKz0Y9dTALt+WpWXpSorok3JnMEANOFGY=&cb=07926593
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.114.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-114-221.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:39:39 GMT
server: nginx/1.6.2

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C346 42 B
64 B 141ms
141ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBuH2XTkCQvslp-loSSFBLpypz4rXCPjhFmQyQINv3dFZFe-FNJwORS0Kz_cHTfgXpbp1q-lfQvLPAYGByw0ZyN4i1dv49ZpjaHwJfwrZC_fovY24dWTfcPRVUD-HfXUTtm6zcfWuiFDylg_6NFbR49prwXK4E5Cpd&sai=AMfl-YQrI7_l2qXJ21sSIVSuruaXyGOxEa_5lfTQ4JBXe_-QC0rPJcXhe-WeHoVBZXhQhRRm11sYBI4EhAuk2DzNB1l_Bxx0TTCXBXHUMvjB_GDEcTC8sUXbV0i1Hfr2&sig=Cg0ArKJSzBrsF7ZKAZBxEAE&cid=CAQSPABygQiD_PBGi_96tF3PHm5GkmJkjuWv7mrlM2O4WnH355_ErY8PdKFjIm4ax6vj0k0yrj2EIPta7QEuqxgB&id=lidarv&acvw=sv%3D951%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D920,1280,1100,1600%26tos%3D1805,201,0,0,204%26mtos%3D1805,2006,2006,2006,2210%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2633%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D823%26pst%3D423%26dur%3D57004%26vmtime%3D2332%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D1805%26dvpt%3D2621%26is%3D33554707%26i0%3D33554450%26ic%3D257%26cs%3D33558803%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D6573%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D10,1,0,0,1%26avms%3Dexc%26qi%3D449887552%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D9529%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2210&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1683916777398

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 May 2023 18:39:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=2&__hs=19489.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007485368&__s=%3A%3A5o19ao&__hsi=7232367448410617917&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw6awZwaOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwiU8U6C0L836w&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 11:46:43	Name: _gid Value: GA1.2.808430781.1683916768
.reurl.cc/	1970-01-20 11:45:16	Name: _gat Value: 1
.reurl.cc/	1970-01-20 21:21:16	Name: _ga_N394QBRGC0 Value: GS1.1.1683916768.1.0.1683916768.0.0.0
.reurl.cc/	1970-01-20 21:21:16	Name: _ga Value: GA1.1.1258364742.1683916768
.reurl.cc/	1970-01-20 13:54:52	Name: _fbp Value: fb.1.1683916768505.1201252114
.prnasia.com/	1970-01-20 11:45:18	Name: __cf_bm Value: fP4NAfgxVmh0vKhIl163Elkwk_AX4uI.MsmOjsTlWUA-1683916768-0-AVbeNqzLxU4QLxmrRfa9cHxopCPv7N5/slfT9iMesL8elWZAxyM0s5DYTXTv2TIirNM+EX324uwFe9OAmlEXt1g=
.doubleclick.net/	1970-01-20 21:06:52	Name: IDE Value: AHWqTUne4mzBhmt9wKGb7FJoRhrEOui3zR6V-gFJWlzW3Mrr2dIr0fpsWg7KZ6tkDAs
.doubleclick.net/	1970-01-20 11:45:17	Name: test_cookie Value: CheckForPermission
.reurl.cc/	1970-01-20 21:06:52	Name: __gads Value: ID=b48308993571ca5c:T=1683916768:S=ALNI_MbOuSDjpoNsH6a8AV4Y4e4iqct-BQ
.reurl.cc/	1970-01-20 21:06:52	Name: __gpi Value: UID=00000c1523dfc046:T=1683916768:RT=1683916768:S=ALNI_MZUT1xEONW2qKUVTED5TXVCpQ3vTQ
.hinet.net/	1970-01-20 21:21:16	Name: uuid Value: 6c999d49-58b7-4970-b6a9-84a6f472bb3e
.reurl.cc/	1970-01-20 20:30:52	Name: __htid Value: 6c999d49-58b7-4970-b6a9-84a6f472bb3e
.reurl.cc/	1970-01-20 11:45:20	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 11:46:43	Name: _ht_a546ca Value: 1
.doubleclick.net/	1970-01-20 11:45:20	Name: DSID Value: NO_DATA
reurl.cc/	1970-01-20 12:28:28	Name: CFFPCKUUID Value: 6817-6ymnN2Qaa68ArJ5QdxwEI5hbfLENz92E
.reurl.cc/	1970-01-20 12:28:28	Name: CFFPCKUUIDMAIN Value: 4635-kEQhgs5GSvkpeNsDBL6qbSjzF8rDdkdc
.reurl.cc/	1970-01-20 12:28:28	Name: FPUUID Value: 4635-8d9243bd931c55921f7a74a363614a6adca7cb836770745779995379386ceda3
.holmesmind.com/	1970-01-20 12:06:23	Name: Vision Value: 20230513-23:59,20230513-05,20230513-05,20230513-23:59
.holmesmind.com/	1970-01-20 12:06:23	Name: C Value: null
.holmesmind.com/	1970-01-20 14:10:14	Name: RK Value: null
.holmesmind.com/	1970-01-20 21:21:16	Name: P Value: 463479-k5PJc4uyZB22BRNRvdVY3HGsMrygFJVz
.criteo.com/	1970-01-20 21:06:52	Name: uid Value: 63af582c-9112-4cbe-84d0-a4409d4095db
.reurl.cc/	1970-01-20 11:46:43	Name: _ht_hi Value: 1
rt.ad-score.com/	1970-01-20 21:21:16	Name: token Value: jSCVhGWamTdIp-pq1s-AZxzDERgtpPXM
.reurl.cc/	1970-01-20 11:46:43	Name: _ht_50ef57 Value: 1
.scupio.com/	1970-01-20 11:55:21	Name: fxc Value: 1
.c.appier.net/	1970-01-20 20:32:19	Name: _auid Value: CF20NzyMC5CDdyQA44deZA
.scupio.com/	1970-01-20 21:21:16	Name: OrgKeyValue Value: CDA20230513023931624161
.scupio.com/	1970-01-20 20:32:19	Name: gx Value: H4sIAGP4XmQA%2fxNmYGDg4uboeX5j9okTL60FWIVYOOwFmABkxwSaFwAAAA%3d%3d
.aralego.com/	1970-01-20 20:30:52	Name: gdpr Value: 1
.aralego.com/	1970-01-20 20:30:52	Name: sspid Value: bf6e9033-b29a-366d-9e14-0d542be61e09
.holmesmind.com/	1970-01-20 12:06:23	Name: R Value: null
.holmesmind.com/	1970-01-20 14:10:14	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 21:21:16	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.aralego.com/	1970-01-20 20:30:52	Name: euconsent-v2 Value:
.holmesmind.com/	1970-01-20 11:46:43	Name: fcm Value: 1
.reurl.cc/	1970-01-20 21:06:52	Name: cto_bundle Value: xfS5u19hR1UlMkZCS2c2cDBqSld1dFVHMmNnRjJlZ0dIdzRoakpMV0dCTUdnYUFCNFVhNWRJdUllVDM2R05abWxtb0pNZmF4NTJIeTNZODZnVnFTMjZqQXZibGJEQU1Dd2dsT1glMkZLYkNYZHAwWEJVQlAxOExrN3BCcXFvaXQyZGRvQ0NvR1VWVXolMkJoejZBWFhSekc3JTJGcUpwRU85dyUzRCUzRA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a69c1ddca98dabb378d829b3a9279f5.safeframe.googlesyndication.com
6559e625a131bf5147f5aa56845625c4.safeframe.googlesyndication.com
6c999d49-58b7-4970-b6a9-84a6f472bb3e.t.ssp.hinet.net
7afaf970d13870117cfa822d98746727.safeframe.googlesyndication.com
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
adservice.google.com
adservice.google.fr
ajax.googleapis.com
anymind360.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
c0e005b7a509c0da35c9243388984091.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cnt.trvdp.com
connect.facebook.net
creditcards.com.tw
csi.gstatic.com
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
imasdk.googleapis.com
img.gbyhn.com.tw
img.scupio.com
m.holmesmind.com
mma.prnasia.com
mug.criteo.com
p.trvdp.com
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
pubads.g.doubleclick.net
re-news.tw
rec.scupio.com
referer-log.holmesmind.com
region1.google-analytics.com
reurl.cc
rr1---sn-apaapm4g-apae.googlevideo.com
rt.ad-score.com
s.trvdp.com
s0.2mdn.net
scontent-cdg4-1.xx.fbcdn.net
scontent-cdg4-3.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
www.youtube.com
www.facebook.com
103.132.192.30
13.113.235.121
13.32.99.110
13.32.99.37
139.162.78.222
142.250.185.98
143.204.215.39
143.204.89.50
151.101.65.55
162.210.196.208
178.250.1.11
192.0.77.2
192.0.78.135
192.0.78.236
192.96.203.13
2001:4860:4802:34::36
203.69.60.96
203.69.60.97
203.75.214.136
210.59.219.34
23.212.211.47
23.56.202.187
2600:9000:223c:aa00:0:e06c:e940:93a1
2600:9000:2250:b800:3:1794:2540:93a1
2606:4700:20::ac43:47fe
2606:4700::6810:5514
2606:4700::6810:fc04
2607:f8b0:400d:c0f::5e
2a00:1450:4001:803::200a
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a00:ba61:0:126::c
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f08e:219:face:b00c:0:3
2a03:2880:f08e:3:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
34.102.176.152
34.204.114.221
34.95.67.231
35.185.130.121
35.185.136.122
35.186.215.140
35.190.36.98
35.201.76.93
35.208.216.174
35.227.194.51
35.227.249.156
35.244.196.223
35.73.17.156
35.79.93.246
65.9.66.101
69.173.144.139
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
00cf90a75740d2abf95909398ddcae9e15b37f34ab5d3557164bcfc2be9ee600
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
0444b1b5042af5960f90af7acf447c51296ab8f2a25dbe19bd06b043a5099f57
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
12bfdb0fa8e9c1df655e569fb27015d8e5cd3ff493ab191c47c5a552d621cc82
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
13c6ae2cace8d583fdb484388cdb6d1d00e2c8ad20914b6d4ff4c6d209a80a06
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
15eb7435fb21735b46e2678b269a02d08997954c54ed8bfacd0f8c44b40236e9
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
171804a6fba37601e88d08f781560b483d8be6c763e76f2f2d42dd2c0346616c
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
1dec3f8850c7d132a183fa9a451245ee68bed33dab3da5fe1dce2c7c71232ec5
200ef97a4ddfb724323a78acf5ac4565b869c9916c26f5e3e04a2a0622759f52
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
224b4341984701b19f02e42d32822b7783707a38b73ed199534d252f5245fd4f
260bf19c10fe727e812abcc7a51c337ccdee3c90ca92ac068293f606ce85017a
26bd909327013c41bbededbdffbf3f99275825a3d019b970905131b975852f33
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29e3c9f8912162548ee7aa860f6fbb84c0f890858c997b69e63d78ccc61b8d9f
2b5db8e470470e1b9e5034b6cc6ff27da56601ed7137eb20d0c307a1217fea2a
2cdc22c65a7844cbcdbb680bc9564ec847ff4979b4f2d317d255fc2f7c9d329f
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
31668a5ba57259635575401d1228d49c3e995d4106b78d128f81e816df4d3685
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
33727cd7b09ccc39017b45fe0fae4921e6f7c5669aa8c544fcc60aba874cb77d
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
3906fa97c5adf05a3cc37ba28a77469d689c1ad4e48424724abe8c3e2a79baa0
3a6cd22aedbd56745488e6a0c6387a92aa7919102ab24f7aeae10dbd6ca123dc
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d0ad39da4b97698ffebd5d583a5f8af1198104fc4570fc254d3f5f1c1355376
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
3f69630ede703f500c5dee83d1cf15469265993951d2397c134da8f60af3cfdf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43cef17a32d6403565654fc0972e73949f5cdb2c7e51830898b0738078f89f56
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4420cb2de37c9758c356de714a235385d18759cfea20e97ac6668d2a045edd80
44fe894b9de783a018880c44e907c76712c95e0f7965849404747b19305b3ce3
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4793a27348526aa6ae635c6eaac52c87c51275e4687f45e394ce9266a2bd85d7
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
4a79d6f759283d99062dab2ca98ef817e90a076f6d407cb8ed4e8c47be43f88c
4ce58bc0abc8b73877c4e7a8d30c40a193e10f8ab8ce5eb518e1dfeac525de4d
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e00162dce4a5898ee65feca65f0e7ab6d7cebf605e9b55495cc12d3a572dba1
4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb82d91fa40f2076bd6f6ea140fb8a8463963fc769ce2a967ab9533e5a1127b
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
542d7b76e782411217c025c99777d8d1c29f1a2788e1129ccb78d5f6625890c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564d0cec8fcd3d283892d8df0b7c42eb20bc51bf9051967ba6255899491df633
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
5ad2688e01ce6c1fb55c10933b2fb2f58eadb57f741c9c600b87c7a28be1b456
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5f6295339ecc001a5aad57f7f19f6f26dbfa9a5fbadb83c8ed02400e1890539b
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ddcd1b63de5ac31289f308e1f2510236cdfa328406d0c35dfcfc7526e2b185
664bad5b9fb7cae627480f4bf8f143a59965622aaa076badc72dfd1277bb73a8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74
6bf610146b70bb0bc3bdbb3ff2c0a812a31915d1abfcfe2e60b4398012f6a084
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
75e8698416aa97f5ab1ae138d244f481311cf60eb4bda64c511edb834eb6fb77
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ff1c799fcf5d2b13dce465899beeb94eb09dfe26eaeb80ba08aca3bf0fbc987
8147d9b52e7fd16d9527f6d94a3706ec4ec9dc76800703cdbdf365b230963a47
8148f9d824b7e3e14f3cfc9d489abb3625ccf446b1dec8e53a1b6ac213b8457c
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
8803f9e3490b2ba4a229876fed8a04b0415032bf855227242b80b6ca6bc06f21
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
8bdace21591d96e28d3e50f1d2d619ded80e02d5b6f17c5d6c187591f5198508
8c80a750fe1491cd99b4b774c84102f3524ad54b1caa314391e6a5846dd88b56
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
92f9f001e9f335dc3ba11338e516af016b641679e9195f7aeb9a753b05ee750a
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7
96ab2c962212f8af22ffc89817fe5094db6a0d27b8cbaacd34323aa9007ca7fa
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
984234e80c878bba750a5458e564e2851c83c88bc84c0e7d26d423037fda7a2d
9c625b2dee0ad6874d1a0ad9f5af6af48f9fdb74e2db20a8e39fc8536636a38e
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9dcb97a68a752b64c7962e23147454a8269d1ff3434d635371f673b26ffbe494
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ef1fddce92642f05db3ac9ab0c8f72c573cad67532f2abe0e5c2bbe1dce407f
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
9f7bd306a36a6bd71f0e45a65367f0e48082255d89a849874c440bdf201a2551
a0d8f6dd60f1d780db1417895e3d28a0285fc4c4a7b2215f4b88982dd069a681
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a43d6826bf5648f544c51c8f4be5ad3aefc15c724868de6c0fac6f216e1175fa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5dd117eeb441594968e0e44a98ea21e03e9c5778233b43df994909442d18833
a7b7fd1f23b83c777ba7875de33710da9c2d25c2cd8ae130364870acc294499d
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa57cab032036971a3cd699753f9b38ebe9b80fcba419c8153388e33b941e491
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ae0eb1b845a230c95797960ef35b67e243364a04440b56a32cc723c80418badd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
ba5e7bb0e889bfc0c49670758735c0a05fe1c395d1b3d8a569ff84ebd7676e28
bc344e2de5408abbf807cbe3ac1d6748df67fa270e4f679e1e16376b049bfcfa
bcfafe22b8e5b8ecc7968f696adf971ba72c181c438bce9bd34a0dd6a2eeed2a
be35f43ec965ec35ede5aff287f5238e3fd4ab80f5953b0e63d98351ad572e5c
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c09b6c73cf4770126260625233af685c356cd39329f6d99d9c8e574a8d7acedc
c0dd6bab5cf6dbfe257549d1d98e2f13884bf4a8084ecd5dc90f14b2c2cc8ee6
c363d8d02bbcf937db6da67eb083cb6bbbd416255901f974b2c5d59c0e6e1eeb
c776814cf728ec02e050a5cec7108742050e4783f7aff9a1b432ba847985ba04
c776eeb886a53d0037dc5e54f5c25c0a467b8b4a5bfaa8d3493280de33f2494a
c8c9b3a47d4d01d1f563d6e894ae1c04eb0e7a9e3d5c2ea2bd6c5821643f53ef
c8fcb56caf9cbe84a2f9bf49ffdad370f4d26f2988d7565a10be0bb2f40cc826
c9aaf4004039d5ff52eb1349fe0caad024453df1de1fb739611732659af1fe99
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
ce6009784549f23bc40aad1f3d36249eaea5ec40bda20b7d6fde9d991ec5d3ba
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d58ed0b854ee1abbf7fd5589cb56700214cad63aea103aa15472bec664a4e5e3
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
dc6ea806465fdf1a48a1a18d760c4c1c34b7679044d3a3a93d7a84c8a93648fd
dc71dd0711e1e34c13aee1a80f75405469eafd22740d6002704612aba7c0bf6b
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e1badd34aa9dc95375d7b705fdb0549bf91bcaf5c788acc6f75d4e56e3b392ed
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e2dcaecf27d014836fa96a52d4670749ed931bec7d9a0e28cf51a0d1f5c4fd08
e2efa959490e8690ee22e57c7f551571aece6416129ce186cb86edee761b7973
e33bdba6d6f3c2bad88f882a4d269c5af1fce07b2093d601e2b4dcaa7d1b78e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e927a36fd3ed96e5651c982cb686a5a63221228336be12442a1149bbea3e93b6
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
e9deabf9bce626df13b63392483730a9a288b4e9ad831c3ae4bc9067b01c139a
ea8b9b393a2914eeed95889a14481c60d628fa1de7fc8a24f5e7e187aa5af76d
ee4a3ff29706d334b665b5631d7f3d22de61016097a64c83cb0ecef9da4bd0d5
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60d4e301c3e05ac60acef0d2d239fc29ac4ec9dd539463986d357d230bf3ad
f291a1b521c7dcb68cdcccd779552796eb231f04beb3341115f65dd3e41f8f57
f2c2202fdd3403d84d4ccacdcb4f8fd66b00af46808097f4332242536fa28c45
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
f9e5aa0fb28ac99f2b3eab96136b09e35b7a7d1eb8f0de20a1a1d115560d9372
fa299277b361bb926ed4fc05fcc7515673f288d7baefbc37faee5ce5a43e4146
fd0544bff11e121201c062fc6a55c35a56856ddaf573ecd02eb397cc48e5c6ad
fda868c63d69eb6fa8e6bae75a033cbf2958f5f23d6c4d8e85d9aba612b39292
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851
fe5f9124c8f43688997b9be0920c82860c284410f6183f447608e05ed39a3d14

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

525 Requests

96 %HTTPS

49 %IPv6

41 Domains

80 Subdomains

70 IPs

7 Countries

8616 kBTransfer

16381 kBSize

38 Cookies

21 Outgoing links

Page URL History

Redirected requests

525 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

525
Requests

96 %
HTTPS

49 %
IPv6

41
Domains

80
Subdomains

70
IPs

7
Countries

8616 kB
Transfer

16381 kB
Size

38
Cookies

525 HTTP transactions
10 data transactions