urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/N0z0k
Submission: On June 15 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 4 countries across 43 domains to perform 295 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 231147.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 396982 (GOOGLE-CL...)
3 2a04:4e42:200... 54113 (FASTLY)
1 151.101.65.55 54113 (FASTLY)
15 203.75.214.136 3462 (HINET Dat...)
1 2404:6800:400... 15169 (GOOGLE)
26 2404:6800:400... 15169 (GOOGLE)
1 35.186.215.140 15169 (GOOGLE)
1 54.192.150.68 16509 (AMAZON-02)
30 2a03:2880:f00... 32934 (FACEBOOK)
6 2a03:2880:f10... 32934 (FACEBOOK)
4 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:200... 16509 (AMAZON-02)
7 2406:2600:7:1... 55569 (CRITEO-AS...)
4 2404:6800:400... 15169 (GOOGLE)
1 35.244.196.223 15169 (GOOGLE)
3 6 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
5 2404:6800:400... 15169 (GOOGLE)
1 7 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 192.0.78.25 2635 (AUTOMATTIC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.185.136.122 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 192.0.78.187 2635 (AUTOMATTIC)
1 35.190.31.54 15169 (GOOGLE)
1 2600:9000:200... ()
1 192.0.77.2 2635 (AUTOMATTIC)
3 2a03:2880:f00... 32934 (FACEBOOK)
3 182.161.73.136 55569 (CRITEO-AS...)
1 13.35.8.69 16509 (AMAZON-02)
10 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
33 2600:9000:229... 16509 (AMAZON-02)
18 2404:6800:400... 15169 (GOOGLE)
1 13.224.249.20 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
5 35.244.159.8 15169 (GOOGLE)
8 52.68.130.185 16509 (AMAZON-02)
4 34.95.67.231 396982 (GOOGLE-CL...)
3 7 35.201.76.93 396982 (GOOGLE-CL...)
2 13.227.254.27 16509 (AMAZON-02)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 202.241.208.57 4694 (IDCF IDC ...)
2 2 13.33.88.20 16509 (AMAZON-02)
2 5 172.217.194.154 15169 (GOOGLE)
4 2600:9000:23d... 16509 (AMAZON-02)
5 18.179.245.61 16509 (AMAZON-02)
5 2a03:2880:f00... 32934 (FACEBOOK)
6 12 35.190.36.98 15169 (GOOGLE)
6 6 139.162.38.30 63949 (AKAMAI-LI...)
2 103.132.192.30 138552 (RTBHOUSE-...)
4 2406:2600:7:1... 55569 (CRITEO-AS...)
1 13.33.88.89 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
20 2404:6800:400... 15169 (GOOGLE)
1 35.227.249.156 15169 (GOOGLE)
1 210.59.219.34 3462 (HINET Dat...)
1 2 209.58.168.56 59253 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 103.254.153.160 59253 (LEASEWEB-...)
1 2404:6800:400... 15169 (GOOGLE)
295 61
6    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
3    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.101.65.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
15    203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net
1    2404:6800:4003:c00::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
26    2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
1    54.192.150.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-68.sin2.r.cloudfront.net
img.scupio.com
30    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
6    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2404:6800:4003:c00::65 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2404:6800:4003:c0f::9d (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:2003:9a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
7    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)
5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com
9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com
8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com
9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
6    2406:2600:7:100::9 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
5    2404:6800:4003:c01::9a (Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
www.googletagservices.com
7    2404:6800:4003:c0f::68 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)
www.google.com.sg
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    2606:4700:3034::ac43:961f (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    35.190.31.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.31.190.35.bc.googleusercontent.com
www.rayskyinvest.com
1    2600:9000:200a:5a00:1e:5c56:d400:93a1 (United States)

ASN- ()
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
3    2a03:2880:f00c:10d:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
scontent-sin6-3.xx.fbcdn.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    13.35.8.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-69.sin5.r.cloudfront.net
cnt.trvdp.com
10    2404:6800:4003:c01::84 (Singapore)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2404:6800:4003:c11::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
33    2600:9000:229f:7800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
18    2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    13.224.249.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-20.sin52.r.cloudfront.net
go.trvdp.com
3    2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
8    52.68.130.185 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
4    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
7    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    13.227.254.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-27.sin52.r.cloudfront.net
stg.truvidplayer.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
5    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
4    2600:9000:23d2:7400:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
5    18.179.245.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
5    2a03:2880:f00c:212:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
external-sin6-2.xx.fbcdn.net
scontent-sin6-2.xx.fbcdn.net
12    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
6    139.162.38.30 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    13.33.88.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-89.sin2.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
20    2404:6800:4003:c0f::9a (Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
1    210.59.219.34 (Houzhuangzi, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
2    209.58.168.56 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    103.254.153.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.aralego.com
1    2404:6800:4003:c1c::9b (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
62 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 149717
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 157447
fcm.holmesmind.com — Cisco Umbrella Rank: 175417
c.holmesmind.com — Cisco Umbrella Rank: 116521
adcdn.holmesmind.com — Cisco Umbrella Rank: 163939
ad.holmesmind.com — Cisco Umbrella Rank: 121305
m.holmesmind.com — Cisco Umbrella Rank: 303135
891 KB
44 googlesyndication.com
5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com
8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com
9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com
204 KB
35 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 659
scontent-sin6-3.xx.fbcdn.net — Cisco Umbrella Rank: 34873
external-sin6-2.xx.fbcdn.net — Cisco Umbrella Rank: 186746
scontent-sin6-2.xx.fbcdn.net — Cisco Umbrella Rank: 31277
853 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
654 KB
18 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44047
gocm.c.appier.net — Cisco Umbrella Rank: 2634
3 KB
15 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 73284
a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net
17 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2114
bidder.criteo.com — Cisco Umbrella Rank: 742
22 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
4 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
218 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1383
google-bidout-d.openx.net — Cisco Umbrella Rank: 1387
us-u.openx.net — Cisco Umbrella Rank: 492
jp-u.openx.net — Cisco Umbrella Rank: 9796
2 KB
7 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
97 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
52 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 231147
6 KB
4 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 29258
sync.aralego.com — Cisco Umbrella Rank: 2985
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
223 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 13297
41 KB
3 gstatic.com
fonts.gstatic.com
79 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 36431
go.trvdp.com — Cisco Umbrella Rank: 32478
s.trvdp.com — Cisco Umbrella Rank: 34089
146 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
92 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
59 KB
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18939
341 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20164
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375
968 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 28670
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80
2 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
31 KB
2 scupio.com
img.scupio.com — Cisco Umbrella Rank: 97253
prebid.scupio.com — Cisco Umbrella Rank: 81827
2 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 20501
717 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1091
854 B
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3755
622 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5422
332 KB
1 rayskyinvest.com
www.rayskyinvest.com
31 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 728019
88 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
83 KB
1 creditcards.com.tw
creditcards.com.tw
61 KB
1 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 11834
408 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1553
8 KB
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 127488
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
85 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 17979
31 KB
295 43
Domain Requested by
33 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
reurl.cc
27 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
26 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
ads.aralego.com
22 pagead2.googlesyndication.com reurl.cc
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
18 tpc.googlesyndication.com reurl.cc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
13 t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
12 ad2.apx.appier.net 6 redirects reurl.cc
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 cm-dev-poc.holmesmind.com cdn.holmesmind.com
7 c.holmesmind.com 3 redirects cdn.holmesmind.com
7 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
7 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
6 gocm.c.appier.net 6 redirects
6 gum.criteo.com 3 redirects static.criteo.net
6 www.facebook.com reurl.cc
static.xx.fbcdn.net
6 reurl.cc reurl.cc
5 ad.holmesmind.com cdn.holmesmind.com
5 adservice.google.com securepubads.g.doubleclick.net
4 bidder.criteo.com static.criteo.net
4 external-sin6-2.xx.fbcdn.net reurl.cc
4 adcdn.holmesmind.com cdn.holmesmind.com
4 fcm.holmesmind.com cdn.holmesmind.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
reurl.cc
www.google-analytics.com
3 cdn.aralego.net reurl.cc
ads.aralego.com
3 cm.g.doubleclick.net 2 redirects google-bidout-d.openx.net
3 fonts.gstatic.com fonts.googleapis.com
3 mug.criteo.com reurl.cc
3 scontent-sin6-3.xx.fbcdn.net www.facebook.com
reurl.cc
3 connect.facebook.net reurl.cc
connect.facebook.net
3 cdn.jsdelivr.net reurl.cc
securepubads.g.doubleclick.net
2 sync.aralego.com ads.aralego.com
reurl.cc
2 ads.aralego.com 1 redirects ads.aralego.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net reurl.cc
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 oajs.openx.net 1 redirects reurl.cc
1 googleads.g.doubleclick.net reurl.cc
1 9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.scupio.com cdn.holmesmind.com
1 m.holmesmind.com cdn.holmesmind.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 scontent-sin6-2.xx.fbcdn.net reurl.cc
1 tg.socdm.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 blog.alphaloan.co reurl.cc
1 mma.prnasia.com reurl.cc
1 re-news.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 www.google.com.sg reurl.cc
1 stats.g.doubleclick.net www.google-analytics.com
1 storage.re-news.tw reurl.cc
1 5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 img.scupio.com reurl.cc
1 ad.sitemaji.com reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
295 73

This site contains links to these domains. Also see Links.

Domain
pcnews.cc
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
anymind360.com
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
feebee.com.tw
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-06-11 -
2023-09-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
tls.automattic.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-05-27 -
2023-08-25		 3 months crt.sh
re-news.tw
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.rayskyinvest.com
R3		 2023-05-08 -
2023-08-06		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-05 -
2023-09-01		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 47 frames:

Primary Page: https://reurl.cc/N0z0k
Frame ID: DF5207E20DC5AEB5389800B4BF3C537B
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: F05D978FF06C1CB231CC4B0D5420CD48
Requests: 42 HTTP requests in this frame

Frame: https://5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF42D970DF4C9B3E8AB73535CC76A05E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 300E4151D05ECDBABFED7A1EF576DBB9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMpUk_aBgqI0lwO3X7ttpRsTkzIFXt1hT-39kDJb_qUQ09cQZ4dw-xSM0HESDRqeryNRH_SQBuKsOXO0aJ1NIlv3ENfTAuRR_g8LZ8j2Otz1pAbYqAx6zWaIcEqjHZ4D4VSQIFmtHRZxrQ7IDKzy-RoK_FNGsrtum_5ba8f9dVPB8Ct6FCIHsVR5ouHcg8_Zz78g3lFGlWpf7WDmc2GuGleNeAFLfoppCeZ22lFiniencW90idjSZAxP5dDu_Tuo5LjyERLcj__ro5cgwvviDrPnoROgy3iMLOK2r75a0aoZz8ts0H3UHvdKaqtTAjZ5Vp7QCH3sPrIi18GBPvljrrrUp6D1k&sai=AMfl-YTGtKE6H2DlR1RHpbxzdm7S5l6sGKEdKsrt5VHTAoUtNfF2Rz5ZLv-eVidiPTMSy1yX-YgyUaGvsgm9WiP5ZDl70ds_zQ_sbQn50QvJc68Eo69TjOJSVLZilJhMA8BQZ6rIYsnoHYlzNjP2ICcw&sig=Cg0ArKJSzM8uX-LqsD56EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B980314D076285086D0E49C3154B41CE
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 5A0A7D3C2AE0C81A9BDF1639F082984A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXkxWTnEyNek6YiV9XFK5AWcyB_XW2gGwKvgG69ofarOSh13lyslruJ11C6vuDNyLBYF2fFkTmDYSs5zeVevqUyto99SxQGVrC4ksECUVkkhoxxoyx4W3pbLJaMeSsHSdE5bNBr_TL7y473fq21VxF7DNNKNqONUMFGu0Wc3rLoZ7BqCemsUQNXeclmm6KyBZwLHOI1fmMKSV-cyO2hEIGzZJtkPP-jt_9vtno6C-xB-SboPgAN6HcPLs0bhcn0ufaTpiBpfJRP4mULRAzplp1cOAgwUZrAiu2yZAzGZcdJ7cfsp7BIHKTWYD2S5pXhwlKEH5GFCISjZJdcTnqCxKY9WYggCypHg0&sai=AMfl-YRdjGuvKCW1vPwwaNCilx1lDbnRG3R-BjpsMxQJE2jyMRPYmpW4ehhGt3Qo0SYqbSvOQj67vznABovoskvTgB-9eTr7dUM4fo6TiMmZAaFNlHoWzmap-h7z-5IJiZC8MrO-ZvHcGo0xOBLmZFA&sig=Cg0ArKJSzM1yJtEGPZDTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7A28E7C793C8FA707FF7C562045616CD
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvdq3H_n_rEdzMEfGW5ZSfXwgxWCZIaAIiETpaoPMkmo0cf7PU4l4BFPhd20ZlNmmqqWNwS4yWqJCcBs61bnskq8fxlwnP006Tp6HhDuvKpg5ItA3RbPMp6vdNzj-mehiwZURWj9WxB3271XHS5l4oRSfZPHqceBwf1XTXSGmowePDyX8_Ky_z-WKSzGejb94jBtWUgFqsXs3xuTb9Y1f4cS_ogq-_Y1YAs0Qw1E5vTTclOvHTgAIEOeahxBZnJOe_9OIQ2HFYjGWZZeDWd3rveef_jHJ5rOSkwd1V3VHGPE7B0O7_FWRjJJehxyDo6BOaYa3I1bSk_3jrTLCtTkQqWozmJSOripI&sai=AMfl-YRz7l9_YaCaJsQfij_er6bWlU_KewIj_gn2lQkl1ULgr0DHF8I1v5IA9xnTbKhRdJ_XJgHrNpmzj4fTLI9f-qtKMDEY62zm2hU_BlWY_k_GFko2xu6uUmVcb9d7b5gdS5N7vmufAQ3qyGe4GDs&sig=Cg0ArKJSzJyyBKd4wCQMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5DCFC16007626DC04DE75D532009B89F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxsO5UluetWx4aHM378GP95g-uty2d9v0uN4u7kS_QELylIYXImORgXRqViLfShHGjGQzsuSWXWAZgrfsatWG4Zuqw41-9pVH3aBF8EGQIpOWoVnH4Fpd-l88vbzQR977L3JWynbbeJALlLnNl7xMzrLUc2tr25N0O3VXnsIfV03g4wKGhVQDBWii0WKExz_XkEVCByHNfhpnL-iL53hcHq_Ux5-FQGffDaTVYZH402Us9OIZQQKxxW6hA0LquyAvug-K6XTKb4f7l8N5U6YfDalgfxy44n-LxaRX7wvZAtiX5fg49j5FRwdjhtpUQyHU_6X8DvoqiewwIFcmcEePAEEVgJU2dbPk&sai=AMfl-YRi8nCUbDCrghVDCOPuP1eXU4jdsZTet7zLSv9_MEMXMpqCL1AxVXN5rtppuh_MNAImhq3bu7Fj8x9RAiOXovUrZkLECk8SFxyfqha9HiYaJEbDS9C_FNSlJW-W3KrZb2tmXU4ddvAw010cQFI&sig=Cg0ArKJSzIjFS7e1yPKGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AC566A1D0393C4FCE412F3B867BF6995
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 33466301B366E5635371C7514EF8F814
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 242AF6629EE1EF97001DAE37F96C8696
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 173B50E4D05FF2FFC4555931945FD551
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B86DABAC1C0C31794C53D765FA08EBF7
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: F03D63A44CDA6DE2A47C06BEB772E576
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 26AD4FA063ED819FDE83FD2F6CC3C643
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5C4DF0043CF9D168759FEAC4983F9F65
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 29D6788F8994F3BB2EA06A3CA9E0DC1F
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1E558A7AE560B50D709139C994DA8415
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 3FB1BE92690AE67B2F8BBB47D8EE884F
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 87FE673A3CAC2DC3FB4E7FFA70CB1FAA
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 469760C114A16CFB4A8AA4E1FAD1FAE4
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 304B7667C8FA136710FBF090FE50935D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/btad/v2-btad300250.css
Frame ID: 7787D2D3ECA6391BBFD2AFCAC9C91102
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 64369793A7399C737158A5FB813DAB0A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Frame ID: A4443412C7C6DF8288A9646A4FD2D576
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 357D90DC50350F3F80E83861E8959B53
Requests: 22 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 80C3FCC93DF1A51233A329BE0C0437E8
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: B948C5A9E502D04D8BCF14B873303379
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1DD9757046267E3E6391AE4AFF44120B
Requests: 8 HTTP requests in this frame

Frame: https://9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 27429F0D4F55A2B387CCCDD4917F7B71
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=SG&timestamp=1686870733&level=0
Frame ID: A54E63756A382A89C65EE7B5C34BD4DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33C20934EB7CD58FAE0641ECC49653B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8EF11FF829497B9EE626689D56A3277
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: 2730009EFF4497909328E51D3D8CE0E3
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1C92AD8FF6330B2B1B91BE1626AE55DA
Requests: 8 HTTP requests in this frame

Frame: https://8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: E3D1E4281D0019CA41B2BF6B294A361C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4D0A331EF951E745C82D7BB19634D6B0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 690E68090CC719ACC937A138FE45D54B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 123C204015E8E1B83FDCF60E84E91226
Requests: 2 HTTP requests in this frame

Frame: https://9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 748B8536DC1158B62E59AB4609B4BFCA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7375D7633C86D7431481C6CB75B49A4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57189FC1834060D351A1422C6DDF9EE4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 1F2B678549F484D3F61483D89D8BF1EC
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: D6CE019903AB796F7B366A493AA01464
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 7EB788F70FF2F62BD0CB69FF9213247B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F1B7805F5FD5E5FDC50F5AFED5C75CE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3D71B2E2234080D66EFBF17B73FFCAA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

295
Requests

93 %
HTTPS

45 %
IPv6

43
Domains

73
Subdomains

61
IPs

4
Countries

5249 kB
Transfer

11022 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp&cc=1
Request Chain 63
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=CtwW9HxoRVRkSmFORGhZRWJFcjlzbFd6NDZ2a1JxWXExK2lXa2J0djlwVUFIeGgvdzQwcmtOWURFNlBDbytQSVpKRTYwRkJLV05YKzk3Z1hkNS9MZVFoNzU3c1lCazBTaXhJZ2lEMm1JVHFhVmRLV2ppTzROdjdCS1crc3JBRytmV09vRmhUc01ES2cvRkE2ZDBnRi9zaThEZloydFZFanJHbjNoSDR4UDc4RjdPbEdKcTFJWWZmbjJQNEs4SndmMWxqSEw3TXg4WlFYWWhMTDBWcFZDdmZzcTJjaTRiRFgrN1dMT3JPc2VEcDN5QUs2dzF2WUxueGgrY1RqS3JtY3RIeDVrMnJvOTdPWG1uazRGa1lsaDY1bXNsQT09fA&cppv=2
Request Chain 121
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 123
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 127
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 141
  • https://match.adsrvr.org/track/cmf/openx?oxid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=dcbc777f-a1b7-47dd-9bc5-312e7441b21c&ttd_puid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0&gdpr_consent=
Request Chain 142
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIuazMCo5s8AANiF43wAAAAA
Request Chain 143
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae5bCc1jv78Nks8AD7MOpaLWB88AAAGIwVStxw
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2Gg9vKkps4Y0vNFbw1fok&google_cver=1
Request Chain 165
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Request Chain 167
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TKj1D_3lDCev1BtdzJqLZA
Request Chain 168
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=iNamBfI-DOWeZKtgzJqLZA
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined&google_gid=CAESENpXJ1s0G-xuMWJICc4Cz74&google_cver=1
Request Chain 212
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Request Chain 213
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Request Chain 214
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Request Chain 239
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 285
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 296
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaEtEMFNvZ095aXVDN1pzSmhrT1Q0WldUd3hndUtOenlydVdYQjI2SlFuVW81WlhmWVU5NjM3UzI4cWx3cmVpYUVrQlVrblNWWmxwNmYwZk5RSUxkT1lqODFXcldvM0hya1d5emclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=AG6hh3xuR2lOTmhTaGljdFlTZ3dVVHZSakNMYk5VRlg4dGZ0Nmg4aG5HK01qWk5jbUxtUktGVk80TVl2MHZ3Ykd4NW9CYnFiSDY3SSs0V0JxRXNIenljZTgyUmR0clBvdnI4MER3WnVkNVJLNml6TFdjZEVKRDc2MWJ3OHNUOEhXU0JkNHhtTUcrNGxtek5GSk9Qa2E4WDhLdXRxWnU2YitDbFdNZllCWWc0OHFhSU1wUUFENllvV1FyOE5KNkYyQi9JMS9rQ1BBYms5TG9kb09ZQnhKaFMvVDVqR2RQY3pjNVhVMEpvRVlXMVpYeUhsampEb3pSNlNBQVRZYVBtdlBxaEI4bVQ0VnVyWFAyWFA3YUlJRFJBak11Zz09fA&cppv=2
Request Chain 299
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaEtEMFNvZ095aXVDN1pzSmhrT1Q0WldUd3hndUtOenlydVdYQjI2SlFuVW81WlhmWVU5NjM3UzI4cWx3cmVpYUVrQlVrblNWWmxwNmYwZk5RSUxkT1lqODFXcldvM0hya1d5emclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_0dk83xiRGV1ZzVWc2hKMWpFU0dXVncyVFMxMHNqMXh5K2dLWGwydGFib01zcVZmRUdHeXM4N3l4TStHY3RhOW5UTEpqKy9DTVpFdEZtbzZ6REhtYnFCbE0wdG5SMExudU80ZVJwazdWQTZha3AwNnFnaWVaZHB5R0lnUzNveSs5WlhGS1NGQUNkU2hMbFdhQ0VjL2RYOFY3c1ljeVFKZlpMelZvOVZVZ21CaGlRK0o2OU9IQkczZ0pTYUtITzdzSVVIM0dpVmg5WFR6M3BtYUdCaHpBVXNZSmJ6MkdnNjkwMXZmc2xiNFBicmE1STk2VHQ2dXRaNFRzR1ZTTWl1d0JKLzZPaTg1ZmZuVkFqQUJFMEViVk4wcHpaUT09fA&cppv=2

295 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request N0z0k
reurl.cc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
188e3be5545c69b7d82fec5d1d7d935d25677b270fea5f418a7bc46bb94f376a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:10 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Jun 2023 23:12:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
7985546
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-bom4723-BOM
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/N0z0k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Fri, 14 Jun 2024 23:12:10 GMT
ats.js
anymind360.com/js/9479/ 		124 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 14 Jun 2023 21:02:06 GMT
date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
94204
x-guploader-uploadid
ADPycdsXdIeWnE4MiU1bfv_mMFYi4YraCsUFZZ1t2s6hhFRFS6n2a8Rb6YEj-dVgmYDM244GnkwVKVTLaJqER3nhHIwV3OCzaUgH
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31540
x-served-by
cache-tyo11954-TYO, cache-qpg1266-QPG
last-modified
Thu, 20 Apr 2023 06:30:15 GMT
server
UploadServer
x-timer
S1686870730.381297,VS0,VE0
etag
"952e4c8d56156d3e3cc5e40a9b199ed2"
vary
Accept-Encoding
x-goog-generation
1681972215759031
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=h0V3+Q==, md5=lS5MjVYVbT48xeQKmxme0g==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
31540
accept-ranges
bytes
x-cache-hits
1134, 342
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/N0z0k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 14 Jun 2024 23:12:10 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:11 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f61f2bb3a792e1484c951513072f7ae1b3fdea9f7e6143619e2cc84a3eb7c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86610
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Jun 2023 23:12:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac4c88d5d589bde251a972c9d285c6776a048bc88b8d9d2baffa41c7165c7f4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25341
x-xss-protection
0
server
cafe
etag
997 / 19523 / m202306080101 / config-hash: 17639771211870587372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:11 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:47:15 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
84295
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Thu, 15 Jun 2023 23:47:15 GMT
ad.js
img.scupio.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-68.sin2.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Jun 2023 23:12:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
1371115
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-bom4723-BOM
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
reurl.cc/javascripts/ 		412 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/N0z0k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 14 Jun 2024 23:12:10 GMT
loading.js
reurl.cc/javascripts/ 		134 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/N0z0k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 14 Jun 2024 23:12:10 GMT
ga2.js
reurl.cc/javascripts/ 		536 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/N0z0k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Fri, 14 Jun 2024 23:12:10 GMT
fbevents.js
connect.facebook.net/en_US/ 		108 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Jun 2023 23:12:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27810
x-xss-protection
0
pragma
public
x-fb-debug
Q+U9ST3wyjNCSJpYFVU6pg2Al+2snw38/yoLMP9sZM7BjooaHaOTu2roQ2UObHgdJrOyYQZHjhvNsq2W/YPg6A==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame F05D 		95 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
578a4c21f936a17e4d85b994c66aaceec5d327a1fb990dc8fcf87de2f8ecc593
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
9SXBvN6K0ejpNV2cWq9DrNyA/Q1q2bYL+b6SF4LRb0emR0r9t15ppzw+tVDLmKB+L9mb7e2s7SAq1BnzTMRXCA==
x-xss-protection
0
1675200226052423
connect.facebook.net/signals/config/ 		151 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.107&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f90b99b85cee8e860ba32f67070803d3a004c828c511e1c79f4db457817a07e5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42898
x-xss-protection
0
pragma
public
x-fb-debug
8iKm0yfP1yPUyK0IJrp4MN8X1LjrlVOqs+oPq7h6nxEb1GbsaUhyCNyGr+FitbevYRg+R4LAZuH8PhroeIKdaw==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/ 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:01:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
15027
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127525
x-xss-protection
0
server
cafe
etag
1285551304932764827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 19:01:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		550 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a57b89af110a4f2fe1576ccbe0c16a9bf6890ed81cc04c69f9ec9f7bb41314b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:11 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.107
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21675
x-xss-protection
0
pragma
public
x-fb-debug
p1tzHfNVLi8Mi7eH9LcOAovjrDjKC709Fmx+HvwlCHVtqccM3QGk6Tscr+tDL+faLnnKZqwHXw59cvdqmb4oqg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je36e0&_p=480316180&cid=1721945637.1686870731&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686870731&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FN0z0k&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 05:31:13 GMT
content-encoding
gzip
age
1014058
x-guploader-uploadid
ADPycdvCHSGMIvDhO0SX8J88AyDKiGl-B0dwA_lkbVSrLDPUs1nqrwHgqYJ0lr4LxTSfCMqAu26XHVGMOtTWvtJzAKCrSWfbZjNu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 03 Jun 2024 05:31:13 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
42752
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-bom4723-BOM
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:9a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
Date
Thu, 15 Jun 2023 02:54:13 GMT
Via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
77517
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
BkIqkj1jxGRk15e-_PRxeOvCKqRRK1LYQiA3h-MB8FAYpbvpx11_tw==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Jun 2023 23:12:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		141 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=37536722020134&correlator=33881662683222&eid=31074948%2C31075065%2C31075352%2C44777901%2C31070233%2C31075339&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&adks=81851380%2C827794272%2C3242553145%2C3271617715&sfv=1-0-40&cust_params=url%3D%252FN0z0k%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1686870731122&lmt=1686870731&dlt=1686870730366&idt=721&adxs=245%2C245%2C625%2C245&adys=554%2C108%2C108%2C364&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FN0z0k&frm=20&vis=1&psz=1140x90%7C380x256%7C380x256%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1721945637.1686870731&ga_sid=1686870731&ga_hid=480316180&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY7NLSiowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOzS0oqMMUgAUgIIZBIUCgVvcGVueBjr0tKKjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjs0tKKjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd9eea5acb86c9896e3bcf09e9aa9c94f7e9c0ac83e8de15ef1fb027f86d06e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28074
x-xss-protection
0
google-lineitem-id
-1,6297987529,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138432380646,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF42 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:11 GMT
expires
Fri, 14 Jun 2024 23:12:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FN0z0k&rl=&if=false&ts=1686870731149&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=28&fbp=fb.1.1686870731147.1297854882&cs_est=true&it=1686870731011&coo=false&exp=a1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Jun 2023 23:12:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
43aaa5d15b2345c47190d5ae50c56f4c9a0f9bb0f4507d3e05c66607d08b6a0c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1ccd-lT0MB/HlpjbvSxH7gMUIjOos6qo"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7373
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 22:24:03 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 16 Jun 2023 00:24:03 GMT
syncframe
gum.criteo.com/ Frame 300E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:10 GMT
server
Kestrel
server-processing-duration-in-ticks
546253
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=480316180&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FN0z0k&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=255752315&gjid=552317283&cid=1721945637.1686870731&tid=UA-102456694-1&_gid=279173108.1686870731&_r=1&_slc=1&z=2015836759
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=480316180&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FN0z0k&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1721945637.1686870731&tid=UA-102456694-1&_gid=279173108.1686870731&z=1584916400
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 23:53:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83917
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fd89fdd5f4b6b16d5d56eb18e5798c3b38fcecb925cffe76f1bcf1e80bef6982

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-wCX4YPFQDFbBPuTk/weIjvfgv3A"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 15 Jun 2023 23:12:11 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FN0z0k&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
stats.g.doubleclick.net/j/ 		8 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-102456694-1&cid=1721945637.1686870731&jid=255752315&gjid=552317283&_gid=279173108.1686870731&_u=IADAAEAAAAAAACAAI~&z=1815641479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1721945637.1686870731&jid=255752315&_u=IADAAEAAAAAAACAAI~&z=363400115
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1721945637.1686870731&jid=255752315&_u=IADAAEAAAAAAACAAI~&z=363400115
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=37536722020134&correlator=33881662683222&eid=31074948%2C31075065%2C31075352%2C44777901%2C31070233%2C31075339&output=ldjh&gdfp_req=1&vrg=202306080101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&adks=3261691140&sfv=1-0-40&cust_params=url%3D%252FN0z0k%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1686870731248&lmt=1686870731&dlt=1686870730366&idt=721&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FN0z0k&frm=20&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1721945637.1686870731&ga_sid=1686870731&ga_hid=480316180&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb10c1824e7873b505840d3d7f66b7827bf2227ad9cd151646a9fc0c5e6a0a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11750
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
95c39df4b850727258bfdabdf84c2a837a9b0497604d4339cac48345f2a5ba46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
2022-%E7%8E%89%E5%B1%B1-U-Bear-%E5%8D%A1%E7%B6%B2%E8%B3%BC%E3%80%81%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98-3-%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%EF%BC%8C%E5%BD%B1%E9%9F%B3%E5%A8%9B%E6%A8%82%E6%9C%80%...
creditcards.com.tw/wp-content/uploads/2022/05/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2022/05/2022-%E7%8E%89%E5%B1%B1-U-Bear-%E5%8D%A1%E7%B6%B2%E8%B3%BC%E3%80%81%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98-3-%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%EF%BC%8C%E5%BD%B1%E9%9F%B3%E5%A8%9B%E6%A8%82%E6%9C%80%E9%AB%98-13-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cc3913449c85f4159838b5d9b8375599f333fd14d7f66bf4a96bf9a234787d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.sin _atomic_bur BYPASS
content-length
61932
x-nc
HIT bur 2
last-modified
Sun, 22 May 2022 06:05:08 GMT
server
nginx
etag
"ec4715b04c465868"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Tue, 21 May 2024 18:05:08 GMT
1682440374-ce0d7028a529f251967331bff970407b-840x525.jpg
img.gbyhn.com.tw/2023/04/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/04/1682440374-ce0d7028a529f251967331bff970407b-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:961f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45106ead645a12f7ddf9e6775ac73810783e3bacadba1521350802d6cb8a4e6b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43134
alt-svc
h3=":443"; ma=86400
content-length
84123
last-modified
Tue, 25 Apr 2023 16:32:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tvBfiXDY1O1SVtbAVH7qPSpPez0067EJzprFd4VXsvMEF8QrOde0Bmo6PiHvqXJNTdJpyRZK%2Fp7D9p9c%2BAqcZY8raPRQ9%2Fy6plPBisERIP%2FvIOjgvxkq%2BFMshJSIW1Pc7VXnCyE4L6JbeRkWYvy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7d7e7f16ddaf3d8f-SIN
expires
Tue, 20 Jun 2023 17:15:11 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
KV.jpg
mma.prnasia.com/media2/2099925/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2099925/KV.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
80a3fff5500524d534f893805d80c239e47a21498972c3cfd83898d0ed88b37c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
cf-cache-status
HIT
age
46392
x-powered-by
ASP.NET
server-timing
intid;desc=4bdefe973fdf8a1
content-length
89423
cf-bgj
h2pri
last-modified
Thu, 15 Jun 2023 10:19:19 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
7d7e7f16da0e4a83-SIN
access-control-allow-headers
Content-Type
expires
Thu, 15 Jun 2023 10:19:20 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=31536000
x-ac
2.sin _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Thu, 22 Jun 2023 23:12:11 GMT
ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.190.31.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.31.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Thu, 15 Jun 2023 23:12:11 GMT
expires
Fri, 14 Jun 2024 20:30:01 GMT
last-modified
Thu, 30 Mar 2023 16:44:53 GMT
server
nginx
etag
"6425bc85-7a08"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31240
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		331 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:5a00:1e:5c56:d400:93a1 , United States, ASN (),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-seen-by
image-manipulator-6b469b496d-sbgkv
date
Sun, 11 Jun 2023 13:47:23 GMT
via
1.1 google, 1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
SIN52-C3
age
379488
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZLgQmuAvdmGUhQZTfE1WkI1MkHEstvg4rICk1v6B9pVsBb0Bhyx0YQ==
content-length
338711
wix-tracer
2R3umJi4JNUlW4NqVHxehnDZh4S
1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 		621 KB
622 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc
HIT sin 1
date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Jan 2023 08:56:02 GMT
server
nginx
etag
"a3380a855d512ea6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length
636186
expires
Wed, 08 Jan 2025 20:56:02 GMT
G9jX8CJohD9.css
static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/ Frame F05D 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4b42363366f30fef04c97f52eb3bb2bc0f8959f10dc2cd5720ee7c22c5d11dfc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0OyHOam2v06+cKchx5XJCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7050
x-fb-debug
28MipvQobwapZq6qxPiqng2NpNkt9GiTrBTLmYG1Dq25bW73DjvNbv1N4dM+95zF8OxOWRtOcPqv+VMT+dwt6Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 14 Jun 2024 19:26:48 GMT
5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/ Frame F05D 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27d6fbd16bd3dcc2355df4489d14ed6f89349471ffe55ece7eab5da3a8e9e5a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V7eT1MReKRGIZc+s03MhsQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6398
x-fb-debug
k6cZ9Fe0vqDRryZKyEUfgRJ7mzPFiUiuS0rDUngi9093B4QGlix6q0APN6k+EUQIi7bSaKLhdohjjU/gBdWtIA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 12 Jun 2024 16:00:18 GMT
PjKqDKqCice.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame F05D 		320 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2d93b24584df8c25977bcea447ab18f21a5802bda10d2535e5a17c0a570752f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PGXirhfkM5rkzR9AGvl09w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85716
x-fb-rlafr
0
x-fb-debug
rP22w7NHd0ZhymOBPxJXAxTfJm2XgFPzf2tz0/JrUmTphwUQACG0m7zoXKIlbfivsF8qAsnRzuLqo3sz4HjSWA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 09 Jun 2024 02:25:58 GMT
qNTnhmBsX4_.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame F05D 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/qNTnhmBsX4_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pRhjWPqrXDrbjQxIFg6X9A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26131
x-fb-rlafr
0
x-fb-debug
NbqqJ1Vwxdg7MYQMzpt6jcATmS9VM4FuTLkyq9iU6oGJkpNhP1TvFgy+IRpLF+qbIRtoJrkh6XqFnPQEmXWVog==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 12 Jun 2024 05:18:19 GMT
fzwi4DA_Jvr.js
static.xx.fbcdn.net/rsrc.php/v3iZSi4/yf/l/zh_CN/ Frame F05D 		234 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZSi4/yf/l/zh_CN/fzwi4DA_Jvr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9f0140f43474cb9aa7fcc86f5a9f3bb8c3902134d62c761db0e5b960cb39957
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gB4LaWNogb8T3iP0gV4ttQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67235
x-fb-debug
6glJ5ptB/kh8EqaBX1atJBaYjGcp1sn71UUIBl0fPt3iREAPp8wXNfawHrnvz3btawnwwAroArIwC4QaMHnX0A==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 12 Jun 2024 16:46:47 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame F05D 		507 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
c+Pj240QxvGb8bxHM0rsWr3Z6ibmJBgzFtsb7O7wiMLCE4W4J6cx9tluRATFyxh/5ES02gBzZQ+bWsemJ6+KcQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 13 Jun 2024 21:03:37 GMT
RCW6h_5U8Bd.js
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yJ/l/zh_CN/ Frame F05D 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yJ/l/zh_CN/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f51f710d48d3dc383dbe738701b90ef9f662e0d281599da55380e7c5dcc68941
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
D/Z1aKw4NS5tM8mzhEurDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30685
x-fb-debug
MHCpi6bRlPUdIMK4iFkydHJMx6VrkCnTaGXcSyO2tyj4VVsvj2DSYctiYarSIZzVIRQeLoV0+fk64aCkB5AaBA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 12 Jun 2024 18:27:24 GMT
jWshW8H10rp.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame F05D 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/jWshW8H10rp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
696d9aa7903a33103f86f27b18a63e4127b5dcb45b792d31daee9943fc87d2c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TVfiGwzDVWohAnXa5zE1VQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14288
x-fb-debug
i03XUf3TF5SrYQ+JNb79CoNf3CDezLNYzrGQbBXDItIQ95Q4aso1DFtW1wMYVnsjIOJyzDP3vwAl/auxDN5zNQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 14 Jun 2024 16:47:02 GMT
RkOmhQjOlwf.js
static.xx.fbcdn.net/rsrc.php/v3i0b14/yV/l/zh_CN/ Frame F05D 		344 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i0b14/yV/l/zh_CN/RkOmhQjOlwf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ecc648ad4462f122a8fef60fd36c58426a5559e857e958a6fc9c838b458a913
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WtQTf/oJZpe20CgzRxF0pA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82873
x-fb-debug
WwjphaFjiFjMhyz3nYUAdKSPLbLjmg4I1GFS8fkgNggjKwxl1r9WLLXqawFmLbKfh+MadggV9TivTFmpOpmgAQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 13 Jun 2024 01:01:57 GMT
LqL06R-kEWT.js
static.xx.fbcdn.net/rsrc.php/v3izYd4/yP/l/zh_CN/ Frame F05D 		391 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3izYd4/yP/l/zh_CN/LqL06R-kEWT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35b949317d90ae988aa71a81b11d042b38a18fb1c200824698b23529d726fa31
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vS6k/wYibv43gdBFcC36cw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93557
x-fb-debug
ZCISppNnpdqraXWVxUQ0B+DYYUOR8mKBtF1xJUS6Xxhe18h/p+NWjrvJTRqxQapOvXvMhiq5DM33ItAmFXJ0Bw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 14 Jun 2024 06:08:04 GMT
fcLf-s97t5O.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame F05D 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/fcLf-s97t5O.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd2aef8889cfa7985515c78b0837c9380c6c15a260966dec4cd9512802d15672
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
p389hBcrgjaDb8gPPMGS+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11018
x-fb-debug
3qARdVctrYtk58QYCOs1K4XDtRUuZM5sZ0BSbxHTpTKirOs0MIfGRrAJlR+9rZJybsmtw1iutt6KFRenKXMj7Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 13 Jun 2024 16:57:40 GMT
h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame F05D 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lbhbphR1BNPxW6RqDJiiow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15174
x-fb-rlafr
0
x-fb-debug
b+SQ338ubnPLr0GM/bMB52wI3NgKfUxY6VjPe5DCUF5NXgz0MA2OP0zc+Gu8rChNyXEK5PABTU9L3p5kxhVI0g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 07 Jun 2024 16:41:52 GMT
FMMie_OL3wL.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame F05D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/FMMie_OL3wL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vCUBJYYMHOYvLIAh94niHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1575
x-fb-rlafr
0
x-fb-debug
s+KRerhM62Wsq/jcCPCCOQf21ymmkPankSnxEu8ftu2rbHAdYsI6TDkKlkfJMmzISmNy7xPMdqyrmBC2CmCu5g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 09 Jun 2024 15:32:32 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-sin6-3.xx.fbcdn.net/v/t39.30808-6/ Frame F05D 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-3.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=AcdpZS4yyOwAX_ETakQ&_nc_ht=scontent-sin6-3.xx&edm=ADwHzz8EAAAA&oh=00_AfAOIjjV9CVHvnasXiIF2W_K0cY1M8FbvA6J5xsykvKLag&oe=64902C05
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:10d:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-fb-trip-id
1679558926
x-fbtype
30808
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-sin6-3.xx.fbcdn.net/v/t39.30808-1/ Frame F05D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-3.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=61Pubbvhb90AX8sassa&_nc_ht=scontent-sin6-3.xx&edm=ADwHzz8EAAAA&oh=00_AfA4qFLiXvaa1aqL1xKZP1SYRfCc6RclNY_KMOCaI0sm4w&oe=6490E5D5
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:10d:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Thu, 15 Jun 2023 23:12:11 GMT
x-fbtype
30808
content-digest
adler32=2540016234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1345
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
sid
mug.criteo.com/ Frame 300E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=CtwW9HxoRVRkSmFORGhZRWJFcjlzbFd6NDZ2a1JxWXExK2lXa2J0djlwVUFIeGgvdzQwcmtOWURFNlBDbytQSVpKRTYwRkJLV05YKzk3Z1hkNS9MZVFoNzU3c1lCazBTaXhJZ2lEMm1JVHFhVmRLV2ppTzROdjdCS1crc3...
430 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CtwW9HxoRVRkSmFORGhZRWJFcjlzbFd6NDZ2a1JxWXExK2lXa2J0djlwVUFIeGgvdzQwcmtOWURFNlBDbytQSVpKRTYwRkJLV05YKzk3Z1hkNS9MZVFoNzU3c1lCazBTaXhJZ2lEMm1JVHFhVmRLV2ppTzROdjdCS1crc3JBRytmV09vRmhUc01ES2cvRkE2ZDBnRi9zaThEZloydFZFanJHbjNoSDR4UDc4RjdPbEdKcTFJWWZmbjJQNEs4SndmMWxqSEw3TXg4WlFYWWhMTDBWcFZDdmZzcTJjaTRiRFgrN1dMT3JPc2VEcDN5QUs2dzF2WUxueGgrY1RqS3JtY3RIeDVrMnJvOTdPWG1uazRGa1lsaDY1bXNsQT09fA&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cdb96899982f1784dfccb19484bdbceb6f6305c0eba0e3e672d1933e0834e1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1112477
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=CtwW9HxoRVRkSmFORGhZRWJFcjlzbFd6NDZ2a1JxWXExK2lXa2J0djlwVUFIeGgvdzQwcmtOWURFNlBDbytQSVpKRTYwRkJLV05YKzk3Z1hkNS9MZVFoNzU3c1lCazBTaXhJZ2lEMm1JVHFhVmRLV2ppTzROdjdCS1crc3JBRytmV09vRmhUc01ES2cvRkE2ZDBnRi9zaThEZloydFZFanJHbjNoSDR4UDc4RjdPbEdKcTFJWWZmbjJQNEs4SndmMWxqSEw3TXg4WlFYWWhMTDBWcFZDdmZzcTJjaTRiRFgrN1dMT3JPc2VEcDN5QUs2dzF2WUxueGgrY1RqS3JtY3RIeDVrMnJvOTdPWG1uazRGa1lsaDY1bXNsQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
242916
content-length
0
expires
0
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a193f8ce-100d-4c5b-ae4e-bed67be77dd0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame F05D 		573 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
C04IeghHz7SFiWF1lmjhE08SUH5hdCu0tQnFSWTFHBt39IslGa26Hi5oecYuiB9LJ3JsOmwH6US8HJWOU4NJSQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Jun 2024 00:08:41 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame F05D 		95 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19523.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007691458&__s=%3A%3Aohc6zt&__hsi=7245054622525166673&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw6awZwaOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yJ/l/zh_CN/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6419d1d9a6c49068144928b6ce8a9893f9639013fc3cf485312d03b8dd279645
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mG0mPGaWkuv6Hl3XKFS81L
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
roVgjckMHBpKGFSVO/qWAhIYNWKqXplrhLcFSAythjNUFNflEn5zgrta6XWe2OuTXmwbvwuI6xpmlgoXBdtrWw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame F05D 		907 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yJ/l/zh_CN/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
32634f03feb994e948aea6989fde937a698fe69842a1e40effbfe112e06b168f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mG0mPGaWkuv6Hl3XKFS81L
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
ti0/DNUycIka5puOLTjgk/OrV26u4LtouzozU1wWqLDr0Ad1A2wNgaoQb8iZfOwTeamJqo55R4phYg1GQO1LuQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame F05D 		907 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yJ/l/zh_CN/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2bb04c3211bcbc0f33da2a3bec381097ada44146d9d958fdfdd8ff954797a87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
mG0mPGaWkuv6Hl3XKFS81L
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Jun 2023 23:12:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
9sencxfisiXOJ7vV7mNDW2WACuKgRg6Py2VwizZvVnxiPmjpn9DNJPYDrC/JMhX27q5Axd4PjMjqBa4Oy/ehzA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame F05D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/1,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-rlafr
0
x-fb-debug
r+yDQEEwT7l0J0gAH+7oYFg/A265vhDA63asKL1Nh6JW2Bjqfd11M5/oXa8vLoXZzl27bM94BlMpEJF5IBGvSQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Jun 2024 20:43:39 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame F05D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
g4lsjFDZDn3zGua9biOXcgtPzS+c4q2/m3N18k1Mksv22ObBk+7H+StdXMLcjGWTu5TnjWiEDDNmLD6+PP6PlA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Jun 2024 22:57:52 GMT
YdAd7--E67K.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame F05D 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/YdAd7--E67K.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e14a24354718b94c97b14fc609d9402d5ca25ef997bbc340df91ebfdf3240ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fbib8dQZQV6mG3fUKbalkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4641
x-fb-debug
qBoMbex98b3sOAz1R/GHe9AI9bnZ2/nvvBWhGh9CKIgVhFYsPLr/Oi8Zxo4kKvQEu0BAY3DFzfbl0seE5I+GXA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 14 Jun 2024 16:47:15 GMT
Es47YDVPeXV.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame F05D 		336 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/Es47YDVPeXV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U0JoHf1vLn5iLsipWkTuGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74335
x-fb-rlafr
0
x-fb-debug
CJQpH7Ty06wxDUWufkmuEFm4pceo0BkhnnssgOOkpXvyjns7RANn09+N+9a9+k4E2blShLwXM3Y+V0otfrhgpQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 11 Jun 2024 20:50:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B980 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMpUk_aBgqI0lwO3X7ttpRsTkzIFXt1hT-39kDJb_qUQ09cQZ4dw-xSM0HESDRqeryNRH_SQBuKsOXO0aJ1NIlv3ENfTAuRR_g8LZ8j2Otz1pAbYqAx6zWaIcEqjHZ4D4VSQIFmtHRZxrQ7IDKzy-RoK_FNGsrtum_5ba8f9dVPB8Ct6FCIHsVR5ouHcg8_Zz78g3lFGlWpf7WDmc2GuGleNeAFLfoppCeZ22lFiniencW90idjSZAxP5dDu_Tuo5LjyERLcj__ro5cgwvviDrPnoROgy3iMLOK2r75a0aoZz8ts0H3UHvdKaqtTAjZ5Vp7QCH3sPrIi18GBPvljrrrUp6D1k&sai=AMfl-YTGtKE6H2DlR1RHpbxzdm7S5l6sGKEdKsrt5VHTAoUtNfF2Rz5ZLv-eVidiPTMSy1yX-YgyUaGvsgm9WiP5ZDl70ds_zQ_sbQn50QvJc68Eo69TjOJSVLZilJhMA8BQZ6rIYsnoHYlzNjP2ICcw&sig=Cg0ArKJSzM8uX-LqsD56EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:11 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame B980 		535 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-69.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:26:55 GMT
via
1.1 33ccc45b55961a5a150d23d44de2958a.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
4898717
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
kQSJENuRE4uYeYBKYggo2A2QOVe6FdIihtLjukhIeNlTcJSRAo95IA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B980 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:11 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305252018000/ Frame 5A0A 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61795
x-xss-protection
0
server
sffe
etag
"7347aa4c83612bf7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5A0A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5238
x-xss-protection
0
server
sffe
etag
"6efdfbd3c81d03c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5A0A 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
sffe
etag
"51fe97ef57b83921"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5A0A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1896
x-xss-protection
0
server
sffe
etag
"9635e780e0a5dede"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5A0A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 23:10:24 GMT
age
86507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12956
x-xss-protection
0
server
sffe
etag
"bd37dd4c3b7b688b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 23:10:24 GMT
css
fonts.googleapis.com/ Frame 5A0A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 22:26:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 23:12:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7A28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXkxWTnEyNek6YiV9XFK5AWcyB_XW2gGwKvgG69ofarOSh13lyslruJ11C6vuDNyLBYF2fFkTmDYSs5zeVevqUyto99SxQGVrC4ksECUVkkhoxxoyx4W3pbLJaMeSsHSdE5bNBr_TL7y473fq21VxF7DNNKNqONUMFGu0Wc3rLoZ7BqCemsUQNXeclmm6KyBZwLHOI1fmMKSV-cyO2hEIGzZJtkPP-jt_9vtno6C-xB-SboPgAN6HcPLs0bhcn0ufaTpiBpfJRP4mULRAzplp1cOAgwUZrAiu2yZAzGZcdJ7cfsp7BIHKTWYD2S5pXhwlKEH5GFCISjZJdcTnqCxKY9WYggCypHg0&sai=AMfl-YRdjGuvKCW1vPwwaNCilx1lDbnRG3R-BjpsMxQJE2jyMRPYmpW4ehhGt3Qo0SYqbSvOQj67vznABovoskvTgB-9eTr7dUM4fo6TiMmZAaFNlHoWzmap-h7z-5IJiZC8MrO-ZvHcGo0xOBLmZFA&sig=Cg0ArKJSzM1yJtEGPZDTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 7A28 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c8cb45e58fd27dc7c8bfc38bf2f9f054d5247eb5bd44b0ad11b951d1b046089

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
6v_dRSAN3.Sh_q9QIVr24Zonsgc6rBs0
date
Thu, 15 Jun 2023 23:12:02 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
"f517955b5484f8d23bf779d49dba2ef7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17022
x-amz-cf-id
qVFiy_T1jK1ddmnABTSmVJU9qxdDvtVsxc3KU8lEs8efkDDMupDDOA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A28 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5DCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvdq3H_n_rEdzMEfGW5ZSfXwgxWCZIaAIiETpaoPMkmo0cf7PU4l4BFPhd20ZlNmmqqWNwS4yWqJCcBs61bnskq8fxlwnP006Tp6HhDuvKpg5ItA3RbPMp6vdNzj-mehiwZURWj9WxB3271XHS5l4oRSfZPHqceBwf1XTXSGmowePDyX8_Ky_z-WKSzGejb94jBtWUgFqsXs3xuTb9Y1f4cS_ogq-_Y1YAs0Qw1E5vTTclOvHTgAIEOeahxBZnJOe_9OIQ2HFYjGWZZeDWd3rveef_jHJ5rOSkwd1V3VHGPE7B0O7_FWRjJJehxyDo6BOaYa3I1bSk_3jrTLCtTkQqWozmJSOripI&sai=AMfl-YRz7l9_YaCaJsQfij_er6bWlU_KewIj_gn2lQkl1ULgr0DHF8I1v5IA9xnTbKhRdJ_XJgHrNpmzj4fTLI9f-qtKMDEY62zm2hU_BlWY_k_GFko2xu6uUmVcb9d7b5gdS5N7vmufAQ3qyGe4GDs&sig=Cg0ArKJSzJyyBKd4wCQMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 5DCF 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c8cb45e58fd27dc7c8bfc38bf2f9f054d5247eb5bd44b0ad11b951d1b046089

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
6v_dRSAN3.Sh_q9QIVr24Zonsgc6rBs0
date
Thu, 15 Jun 2023 23:12:02 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
"f517955b5484f8d23bf779d49dba2ef7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17022
x-amz-cf-id
1etCcnF5caRorKCGZwQx5WBhFeJkpMdfbo003ZJ4f7IKWVT1aA2x8g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DCF 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxsO5UluetWx4aHM378GP95g-uty2d9v0uN4u7kS_QELylIYXImORgXRqViLfShHGjGQzsuSWXWAZgrfsatWG4Zuqw41-9pVH3aBF8EGQIpOWoVnH4Fpd-l88vbzQR977L3JWynbbeJALlLnNl7xMzrLUc2tr25N0O3VXnsIfV03g4wKGhVQDBWii0WKExz_XkEVCByHNfhpnL-iL53hcHq_Ux5-FQGffDaTVYZH402Us9OIZQQKxxW6hA0LquyAvug-K6XTKb4f7l8N5U6YfDalgfxy44n-LxaRX7wvZAtiX5fg49j5FRwdjhtpUQyHU_6X8DvoqiewwIFcmcEePAEEVgJU2dbPk&sai=AMfl-YRi8nCUbDCrghVDCOPuP1eXU4jdsZTet7zLSv9_MEMXMpqCL1AxVXN5rtppuh_MNAImhq3bu7Fj8x9RAiOXovUrZkLECk8SFxyfqha9HiYaJEbDS9C_FNSlJW-W3KrZb2tmXU4ddvAw010cQFI&sig=Cg0ArKJSzIjFS7e1yPKGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame AC56 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c8cb45e58fd27dc7c8bfc38bf2f9f054d5247eb5bd44b0ad11b951d1b046089

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
6v_dRSAN3.Sh_q9QIVr24Zonsgc6rBs0
date
Thu, 15 Jun 2023 23:12:02 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
"f517955b5484f8d23bf779d49dba2ef7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17022
x-amz-cf-id
HdSujAo3kiFLF1OzTzCrysuNOYSM_GaFK01SCSqysUvsHMwCwYsLtw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC56 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:11 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5A0A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:10:59 GMT
x-content-type-options
nosniff
server
cafe
age
72
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 16 Jun 2023 23:10:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5A0A 		344 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:28:36 GMT
x-content-type-options
nosniff
server
cafe
age
27815
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:28:36 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMR55y5qLZPe8CsSZwgOfnbSACpOH4oFx_IrS1bgRht_CnLk6EAEg0syBGmC_BaAB__L94SjIAQmpAjsVroc5Gqk-4AIAqAMByAMKqgTMAU_Q1eR9p1q3D_Nl7HhmH6qmxyY1mI7jK2VcgyQSkP9m_0sQ9b6wdarRLUGIhYBpvWrYf9BaMcTbEPe0CsPai_b9huFEyp99NXppWTii9P1o8SPkmY5632T-zIS2o1NQwfhyQdrSVxmd9kCxXQ2FoKyp6d1eAhTJY6-Qb2uuuimsTOU-O9SGkW77xFsChHTNJ1fx5OkhAfP26jkq0fq4FC38M_md0dnXqOnrsKyXrwd-NkLnjhzVPYKdzZAAsN6wCJzh5ZvyPRmcuP9U8cAEwYrpv7UE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_-qzsEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQsb8G0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwG4E-QD2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=-Lw-BnIrwmU&uach_m=[UACH]&cid=CAQSSwBygQiDVlve83oo82h7C7Pzydr-O6MTJrKZUUm2h_FoqYSjyOKhSoyphau_jmTOJw21MuZi_t8N38ouqten_Fxcm7bzgtUdiVw0sxgB&template_id=484
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
6592766407814317453
tpc.googlesyndication.com/simgad/7302849847428117265/ Frame 5A0A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7302849847428117265/6592766407814317453
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86f9152f9b5119e41166a049a5974210668f747f001d1d786cc20ce21ea49ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 02:56:53 GMT
x-content-type-options
nosniff
age
159318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33736
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 09:57:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Jun 2024 02:56:53 GMT
7621635537731458339
tpc.googlesyndication.com/simgad/ Frame 5A0A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7621635537731458339?w=100&h=100
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f472605c58920da59535b93d694d6fd86d18119bb9b7558ce22ee0f83696ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:13:37 GMT
x-content-type-options
nosniff
age
28714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4666
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 07:49:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Jun 2024 15:13:37 GMT
truncated
/ Frame 5A0A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88dfea8ddaa571e6374078030cdf9deccbe1d3cdc8f7383488c0d191c2c83115

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-20.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:04:56 GMT
via
1.1 5ba1fc6b25fbcd91520a550358bd4bac.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
3020835
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
IUXxCPNE3g4YQ5kIvECWHiEGHtZgfCZUDPedyYt15nAyFhlFGFCA9Q==
truncated
/ Frame B980 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80556728d189dfac8b1b1c57c436a3b42053f045bff185a6148bf1bc1416265d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B980 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssU71fj1HG6WQTMkkI-I3i29dbl0Te63HjbQMX8KSz8n_Gp6rZVgsfH5cqkxDMOwohONRlEgt1p_UKNEz0vH_x5EdDhSusBnFvMAsE6uzIvcyX6CdK71G6la3rh1o-iyKsva9L51soVbbJx_wsGjxwBzYr05ShNRaIgHRhktvI0EoZurQkL-fRv8CMmWV6ELflxjRHrJ0YmZHliEtA9tjqlr-EH4tcKTOl4dqsEBQCYrBzhZyBKgKjB4uPG9-_35ko7T8Z_BJWPBX31B-clbxJUijoPbUOpQvNhuNJ4EKWir9sNPJWYYbVIChZ8fz_49vXUUq7N5ZlF9SXbzu2lhp_GFlvufSjexA&sai=AMfl-YQUICUnpvltisEfk7NNVzfA7oT083PYWhZt6U-8zfQqjsTBSdxz-Lv8pCxi6IVywIcVXNOQ0fFNCpUqT2zZeP0zPRCEKpzOrmgLGFn9cz6t_gU86PaPaSVKqUXMV68HGrhnL4BxWMobIdnLDm2G&sig=Cg0ArKJSzPbAHdckceMvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A0A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 23:55:41 GMT
x-content-type-options
nosniff
age
170190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 23:55:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5A0A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 23:58:38 GMT
x-content-type-options
nosniff
age
170013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 23:58:38 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame F05D 		198 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-rlafr
0
x-fb-debug
c65E6tXtN8isy7ghdW4Es9paqxjxdI6r/Xr+YHdok1gm5jw5QFpgAW7kNqo7qoZkJ1zIUSXovnbqdxsaXu+3mA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Fri, 07 Jun 2024 00:01:35 GMT
truncated
/ Frame 5DCF 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
140de4005118f59e2dbf7146c402b34445229f462768920df1532816274e5e07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7A28 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
becb2a48dc4383686fb43c9b64349efacd79142e7bde3d9bef45adc182e9cb19

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
capmapping.htm
cdn.holmesmind.com/js/ Frame 3346 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
29
content-length
7890
content-type
text/html
date
Thu, 15 Jun 2023 23:11:43 GMT
etag
"e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-id
jcTxq9n90fBBOZzyYQzHHKy4AJUE98l3ijg-Tu1oYVek9SKG5cEmcA==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 7A28 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date
Thu, 15 Jun 2023 23:12:05 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
11
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
HVoItqgpi1I3yEEuCHw0xpG1s4JVkOSAYh6CXe9f6hwJPu9Ht_4SeA==
presetfn.js
cdn.holmesmind.com/js/ Frame 242A 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
yvtsK5fa2GIoGu3rpJYsq2aFjuTVo9XbI0Lud2Kyu8PO96saieASfg==
capmapping.htm
cdn.holmesmind.com/js/ Frame 173B 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
29
content-length
7890
content-type
text/html
date
Thu, 15 Jun 2023 23:11:43 GMT
etag
"e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-id
0qzf0wD3txw_8eU2_0YPjSE0vYUW5-Cx1jR7YG4jeJOHPqKLk2POkg==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 5DCF 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date
Thu, 15 Jun 2023 23:12:05 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
11
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
cho7YhPeDkW3CmbRrb0771CJh5Xe7pgUw15xAA1yL99LL3uuk4EO9w==
presetfn.js
cdn.holmesmind.com/js/ Frame B86D 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
dMx4s9j9sZgMFQnU2L-IG_wWB8e699QvhCA3hgq_qyTqIFQlc1DDiQ==
capmapping.htm
cdn.holmesmind.com/js/ Frame F03D 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
29
content-length
7890
content-type
text/html
date
Thu, 15 Jun 2023 23:11:43 GMT
etag
"e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-id
z2r6Os_Np6bQCrQjQcyrXj5oAn3kXGyXjr2dLMVIZjyvHeZUi0SUaQ==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame AC56 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date
Thu, 15 Jun 2023 23:12:05 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
11
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
FT420GoyqENQP--dCwOXxPQ8P33j7P--ZmlUyzgm0u_NAMSqF8rqtQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 26AD 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
32
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
JNMSYbxQ3fGPCpbt9oxgrTvJETPfgYXDdxTVgDZk1wwmvz3MkFVPhg==
pd
google-bidout-d.openx.net/w/1.0/ Frame 5C4D 		484 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
68b5fc92b2f74795cdb0c628768f995a09e22206416bb79397f79c77a361e115

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
310
content-type
text/html
date
Thu, 15 Jun 2023 23:12:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame AC56 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40ca1868966efbc5cceeb165e201f043173e5066406e386c144cc6ca12cf7af8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=a193f8ce-100d-4c5b-ae4e-bed67be77dd0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net/pixel?bd=a193f8ce-100d-4c5b-ae4e-bed67be77dd0&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
fp
cm-dev-poc.holmesmind.com/ Frame 29D6 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:12 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 1E55 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:12 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3346 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:11 GMT
cm
c.holmesmind.com/ Frame 3346
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 3346 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 173B
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 173B 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 3FB1 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:12 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 87FE 		39 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:12 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm
c.holmesmind.com/ Frame F03D
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame F03D 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 4697 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:12 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 304B 		39 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:15 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
/
www.facebook.com/login/ Frame F05D 		0
0
/
www.facebook.com/login/ Frame F05D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 15 Jun 2023 23:12:12 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
nbrcd1WCaD70y0w06phTfxnVJRnUxgIKFxt1Ct6VrLp1Xjir0egZmfb0mfBq64SkjFb/mGpbp+VdCSmGNUjU2Q==
x-frame-options
DENY
x-xss-protection
0
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=6735.576481601062&pid=5434&url=https%3A%2F%2Freurl.cc%2FN0z0k
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-27.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
c8e356c74f1dfe7bafab639f285da42552b84c16e396d1fd90b3b7594e680c37

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
via
1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
m22E0BmwXNPsWLwxxSKAqNSkNdYUy6wyLLl7Ed-JImGc3BZ35kEjGA==
kALiMpQzGLI.css
static.xx.fbcdn.net/rsrc.php/v3/yy/l/1,cross/ Frame F05D 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/1,cross/kALiMpQzGLI.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edc6e501b535f89438f3e8297ac75c3473b7572c433f4af0185b4a5d96ddd1ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rbsgsBbs4fp3SqZZCV4BXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3805
x-fb-debug
VeowopL3cwFvxN92nhFiUf64E2HTsVHtGRmgwr6nRsrFmTYZM4S3LJpSp8C/WJv4fkG+hzipBduBfiQif1zQOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Thu, 13 Jun 2024 17:04:17 GMT
OddrI9NOuB_.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame F05D 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/OddrI9NOuB_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2505d4c9a43f8f751b4b69a694e351cc3f2158a8cde9f80596339acc61f26c2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
j7j4H8Jvwsy4L0hYMYrRBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2568
x-fb-debug
/139VSWV151yOh4MxCHmPSR+FKCdv3yVJ3Yo+E4pQVfuGq6xvceZk384odTu6/HgAzTp0fkRCOXVJ2lTonn3vw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Wed, 12 Jun 2024 16:08:52 GMT
truncated
/ Frame F05D 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
vFrQxWP6ZYA.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/1,cross/ Frame F05D 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/1,cross/vFrQxWP6ZYA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f6c6ae65375ab8a39123e5e0f45a4564b0179f79276167ed8716b569c4c1170f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yitOrRMB1Rt4QYMn2WJuUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4430
x-fb-debug
vnvHwl7nCNe/xlKZZoMP0+SUYwZgubLa6U7mvknea1HA98vJa2lo5y77X0F7YmErLiPlfeedl8erCj0muMEj9w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Wed, 12 Jun 2024 16:08:52 GMT
Qlj2f8M1fRU.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame F05D 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Qlj2f8M1fRU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
l03F0wvFW6lQhOoFpr15Ew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16971
x-fb-rlafr
0
x-fb-debug
CNAo3S44sSfdmmx5JYz1qca0H5PvbfyHi4mPSoag652sJSi0QbssMweX1rV+rNG2AdlrwPRP+rX3n4YWDas6XQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Sun, 09 Jun 2024 16:34:10 GMT
3P2oB1R2XCB.js
static.xx.fbcdn.net/rsrc.php/v3i7Te4/yD/l/zh_CN/ Frame F05D 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7Te4/yD/l/zh_CN/3P2oB1R2XCB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
017309e46e8afa104933d00180a43ca7e5fed547e25124bd133d3a1e3100c158
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
klBdZ4J2H+Ik6rGRnTtIzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7510
x-fb-rlafr
0
x-fb-debug
1+JCtSjDDXxvUzLa0Fwg/gQ3y1k1nLihLw+Kszy7WJ589Nfr59/MxAuW7cVq8xhvMQaGRIHBtU8c+Kw9B+iwJQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Tue, 11 Jun 2024 19:37:36 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame F05D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/PjKqDKqCice.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
x-fb-debug
mp2o822CX09DhEXEDIYIajycSUKQS2gorl5cOP8FWkW/QJgauBkzslGMS3d5VcFu3wDsse1he93+RXWgJPTh8Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 13 Jun 2024 17:08:42 GMT
sd
us-u.openx.net/w/1.0/ Frame 5C4D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=dcbc777f-a1b7-47dd-9bc5-312e7441b21c&ttd_puid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=dcbc777f-a1b7-47dd-9bc5-312e7441b21c&ttd_puid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=dcbc777f-a1b7-47dd-9bc5-312e7441b21c&ttd_puid=c5923b8f-fb49-7feb-c70e-b065f3aa7b65&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 5C4D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIuazMCo5s8AANiF43wAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIuazMCo5s8AANiF43wAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 15 Jun 2023 23:12:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.225","key":"ZIuazMCo5s8AANiF43wAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad17"}
X-SO-Key
ZIuazMCo5s8AANiF43wAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad17
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZIuazMCo5s8AANiF43wAAAAA
Cache-Control
private
X-SO-HostName
m-ad299.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-IP
103.254.153.225
sd
jp-u.openx.net/w/1.0/ Frame 5C4D
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae5bCc1jv78Nks8AD7MOpaLWB88AAAGIwVStxw
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae5bCc1jv78Nks8AD7MOpaLWB88AAAGIwVStxw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae5bCc1jv78Nks8AD7MOpaLWB88AAAGIwVStxw
cache-control
no-cache
content-length
0
x-amz-cf-id
r9TOXr3dORrSdyB2qYomeqdD7eclDHg_g7gm4zXsbtYJNfHLnvvTBQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5C4D 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTlmZGU4NDUtMzIzZS0yMTRmLWQyZWUtZWFkYzM5NDhiNTA1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5C4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2Gg9vKkps4Y0vNFbw1fok&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2Gg9vKkps4Y0vNFbw1fok&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2Gg9vKkps4Y0vNFbw1fok&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 242A 		634 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:7400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:02:47 GMT
content-encoding
gzip
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
565
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
97B2F1Vs_PG5TM6IHeVg_2mMu7PdVqu0j_t-DjWmx33w_PAnUJ1i8g==
Preset.js
adcdn.holmesmind.com/adserver/ Frame B86D 		1 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:7400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5f6b28333ff153456a548f191a3105b7d9d8dad4ad01a87aec4a48728a0f4804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:05:04 GMT
content-encoding
gzip
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
428
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
ketK1mrQN4k844N1OyzcSG70IukJvwCDz2wNP_Z5HS5L-kO3r-O06g==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 26AD 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:7400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:05:04 GMT
content-encoding
gzip
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
428
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
nwl7_gFGwob1WKn3MXshZEaaWJIpIq4a_zSuVHq_nx_-tSQhG9yQ8A==
/
t.ssp.hinet.net/ Frame 3346 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b8050434a090721039224e4c3a116dfa71593c3e1a64f9322aa19e3a5d01798e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
ads.js
ad.holmesmind.com/adserver/ Frame 26AD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=527&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7e46bc6781cccee04a48830951988806f3ab5ff9f468c7b0112c1594ba364b28

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 26AD 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
9yDAe8hc8angtezA583McC9CmPtDZOQm
date
Thu, 15 Jun 2023 23:11:32 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
41
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
n8uKep2z5FGOk2PTezHyRRNfRiv1CNVfF1v-NLtzHbgk-xDry5DStw==
ads.js
ad.holmesmind.com/adserver/ Frame B86D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=715&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
883839bf40583d474667ac1c15305748ce0edebc9a9ee6ad7ed3fe5c3b203d42

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B86D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
1d7i8aDt24bAAhdQGVHcl4aJbGsdC8qT
date
Thu, 15 Jun 2023 23:11:26 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
47
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
V49QhZoglfmlfTHcOMuKWfbkBSFESVGGSb8Taby8-QkJFzX0NCZd-g==
publishertag.js
static.criteo.net/js/ld/ Frame B86D 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-1f8af"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Jun 2023 23:12:12 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B86D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
FwcpNN5Byau4bRXGziLJsTJILumrMvSN
date
Thu, 15 Jun 2023 23:11:31 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:41 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
42
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
_IEY6Zr4Hy396feBGeBjE8NZZ2-UjNRtiqFsXJPa22NViQwr1vTNGg==
appierV2.js
cdn.holmesmind.com/js/ Frame B86D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
UIL_JxmG0rSPMgDUx2zZ5zqCXxpp08Ga
date
Thu, 15 Jun 2023 23:11:32 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
40
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
LjW6Ri5NlYa7v7xEy46Ky0jaM1gYfevVKE3_FLlYJlC5A6l9UDfszQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B86D 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
9yDAe8hc8angtezA583McC9CmPtDZOQm
date
Thu, 15 Jun 2023 23:11:32 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
41
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
oQle9SiLrAmyqrj3sb_x5mlg9pMJiHX2z3vEzDWakaKwjPvL2Fyn9g==
ads.js
ad.holmesmind.com/adserver/ Frame 242A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=39&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9c48cd64d7266a960374c839977d4c3bb58ad12f31eeff5cbcaab57abe364bc7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:12 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
305964663_450890893727816_1742559653774706626_n.jpg
scontent-sin6-3.xx.fbcdn.net/v/t39.30808-1/ Frame F05D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-3.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=61Pubbvhb90AX8sassa&_nc_ht=scontent-sin6-3.xx&oh=00_AfB8uP2ZOtFqCCm0DSOgBfpnO061-x5RSEfW-t8K79gR-w&oe=6490E5D5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:10d:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Thu, 15 Jun 2023 23:12:12 GMT
x-fbtype
30808
content-digest
adler32=2540016234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1345
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
10643825273436506603
external-sin6-2.xx.fbcdn.net/emg1/v/t13/ Frame F05D 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-sin6-2.xx.fbcdn.net/emg1/v/t13/10643825273436506603?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F05%2F2023-%E6%88%BF%E5%B1%8B%E7%A8%85%E7%B9%B3%E7%A8%85%E6%8E%A8%E8%96%A6%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98%E5%9B%9E%E9%A5%8B-10-%E6%88%96-12-%E6%9C%9F-0-%E5%88%A9%E7%8E%87.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbEpqvHv2O8fyf97axr8PkSoImyLI84Ddzv1lfszedwgQw&oe=648D736F&_nc_sid=bde1b5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7890c25b1680b55b8055cde4aa350bee41a2af71df575cad543f654e6dfc321

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-fb-trip-id
1679558926
last-modified
Thu, 01 Jun 2023 16:53:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1607350184
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
27728
4744670896610034870
external-sin6-2.xx.fbcdn.net/emg1/v/t13/ Frame F05D 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-sin6-2.xx.fbcdn.net/emg1/v/t13/4744670896610034870?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F05%2F2023-%E7%B6%9C%E5%90%88%E6%89%80%E5%BE%97%E7%A8%85%E7%B9%B3%E7%A8%85%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGXsawTKHAm-KbeMUHllC9tOZefsaRB_RxexHE0PF0qtg&oe=648D1A89&_nc_sid=bde1b5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
273b927348a9c4d0b3fbb072f0866252a2f1064b742ec53c9f71fb656800bb70

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-fb-trip-id
1679558926
last-modified
Wed, 07 Jun 2023 16:16:51 GMT
x-fb-original-response-code
200
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3773316470
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
30002
alt-svc
h3=":443"; ma=86400
1753680696352038702
external-sin6-2.xx.fbcdn.net/emg1/v/t13/ Frame F05D 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-sin6-2.xx.fbcdn.net/emg1/v/t13/1753680696352038702?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2019%2F10%2FLINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%9B%9E%E9%A5%8B%E6%AF%94%E8%BC%83.png&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbFqHAQszGtT9YepIko6mjHB7rXAPiIGGbZWBWKaPgaCyQ&oe=648D649F&_nc_sid=bde1b5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa5b76ca61e046c07844de24e2581bc0065ed836538b4564e162abf7524e5f8b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-fb-trip-id
1679558926
last-modified
Wed, 07 Jun 2023 20:26:12 GMT
x-fb-original-response-code
200
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=3586733211
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
160892
alt-svc
h3=":443"; ma=86400
8293101895853200528
external-sin6-2.xx.fbcdn.net/emg1/v/t13/ Frame F05D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-sin6-2.xx.fbcdn.net/emg1/v/t13/8293101895853200528?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F04%2F%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97-LINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1-%E5%9C%8B%E5%A4%96-2.8-%E5%9B%9E%E9%A5%8B-LINE-Points.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbFHYJDGeV6E3ISNNbJIrBbh6K5FZC0lpwFaIIeGWV8dMw&oe=648D7B6F&_nc_sid=bde1b5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a02f59d86a26b369c40c5b7a2aebedeaa2508906e682bb0f6d5f6225fa545b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-fb-trip-id
1679558926
last-modified
Wed, 07 Jun 2023 21:37:08 GMT
x-fb-original-response-code
200
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1487679261
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
31661
alt-svc
h3=":443"; ma=86400
340641646_1119875749407052_3512356834193733516_n.jpg
scontent-sin6-2.xx.fbcdn.net/v/t39.30808-6/ Frame F05D 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sin6-2.xx.fbcdn.net/v/t39.30808-6/340641646_1119875749407052_3512356834193733516_n.jpg?stp=cp1_dst-jpg_s350x350&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=Onvx998nCLsAX_iccfW&_nc_ht=scontent-sin6-2.xx&oh=00_AfCTGaiMgpuNYpBQUuIb_wWDhubPmeCK_Q_GnYb4huGCGQ&oe=6490EA1D
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a65b648d4ecec256df8a8341fea63ae526aacc23bc087848da35c0f37acf1b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-fb-trip-id
1679558926
x-fbtype
30808
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 12 Apr 2023 11:32:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1027438522
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
275574898
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
13796
bid
ad2.apx.appier.net/v1/prebid/ Frame 26AD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:12 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B86D 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:12 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame B86D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TKj1D_3lDCev1BtdzJqLZA
2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=TKj1D_3lDCev1BtdzJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:12 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=TKj1D_3lDCev1BtdzJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame B86D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=iNamBfI-DOWeZKtgzJqLZA
2 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=iNamBfI-DOWeZKtgzJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:12 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=iNamBfI-DOWeZKtgzJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame B86D 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaEtEMFNvZ095aXVDN1pzSmhrT1Q0WldUd3hndUtOenlydVdYQjI2SlFuVW81WlhmWVU5NjM3UzI4cWx3cmVpYUVrQlVrblNWWmxwNmYwZk5RSUxkT1lqODFXcldvM0hya1d5emclM0QlM0Q&cb=97939183705
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
emome2
t.ssp.hinet.net/ Frame 3346 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a193f8ce-100d-4c5b-ae4e-bed67be77dd0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame F05D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/1,cross/kALiMpQzGLI.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/1,cross/kALiMpQzGLI.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
content-md5
i7RWZH3OINQHgRs93K4JmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2674
x-fb-rlafr
0
x-fb-debug
Hy+xV/9dwdEAsG3iUWTHU1yKgKlMQG4uPRq8M/+P2b16z5R7uh+8q6Y+WLZ9eR301a3g81ARhWCUKvWfNx7EFA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Jun 2024 19:15:24 GMT
MKQzjVd1bVq.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame F05D 		548 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/G9jX8CJohD9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
content-md5
l20F61ct/3QC2rM+eGjRow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
548
x-fb-rlafr
0
x-fb-debug
yQZ+yy9E0BBPANL3bVldnRsvuSuj12jOMjNXg74ACPgCqN62mXCnQNXXClcFalCwzipeb9PssU2T6+ew7RaIOw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Jun 2024 21:36:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=37536722020134&vrg=202306080101&nw_id=128002626%2C21787810958&nslots=5&eid=31074948%2C31075065%2C31075352%2C44777901%2C31070233%2C31075339%2C676982961&pub_url=https%3A%2F%2Freurl.cc%2FN0z0k&qid=CLfO2pWzxv8CFcSMcAodnw4NoA&iu=%2F128002626%2FGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2F13847&e=0&ret=970x90&req=728x90%7C970x90&bm=0&efh=1&stk=0&ifi=5
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ Frame B86D 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Jun 2023 23:12:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame B86D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Jun 2024 23:12:12 GMT
pixel.gif
static.criteo.net/images/ Frame B86D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Jun 2024 23:12:12 GMT
float.js
s.trvdp.com/scripts/v5.802/ 		466 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.802/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-89.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 15:54:25 GMT
content-encoding
gzip
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 13:09:34 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
10480668
etag
W/"bc1129a1d65d16ce761ff5637cdc8f53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2642ablLWYsnIND43rcqe6OeF9ObXcGse5vtHtvYQbTJo9O5BzeUcw==
utag.js
t.ssp.hinet.net/ Frame 26AD 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:12 GMT
utag.js
t.ssp.hinet.net/ Frame B86D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:12 GMT
utag.js
t.ssp.hinet.net/ Frame 242A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:12 GMT
/
t.ssp.hinet.net/ Frame 26AD 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b8050434a090721039224e4c3a116dfa71593c3e1a64f9322aa19e3a5d01798e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cors
rt.ad-score.com/score/ 		52 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=SG&l4=desktop&l5=5.802&cb=0.13788117830049473
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Jun 2023 23:12:13 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
drawV2.js
cdn.holmesmind.com/js/ Frame 242A 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=39&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vxJKj4nf26OQAATxFC7ifIkpRwIUYWyu
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
35
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
FR0RQrXBtXjc1fqGhUSJVsldSmp-_rfG2nGqfwMoCivvxiJsGa920Q==
drawV2.js
cdn.holmesmind.com/js/ Frame 26AD 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=527&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vxJKj4nf26OQAATxFC7ifIkpRwIUYWyu
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
35
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
ovOuYeVHoNGIwY-fV8l2cRGm-a-wy9K0ayCJ2vaMs_9UCLw6lIiciw==
drawV2.js
cdn.holmesmind.com/js/ Frame B86D 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=715&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vxJKj4nf26OQAATxFC7ifIkpRwIUYWyu
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
35
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
9UcOFt7TWmOOM0iKT5n92quWiK8wrOfTj0Zcevo1TsUyKfCBwTJr1g==
activeview
pagead2.googlesyndication.com/pcs/ Frame B980 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEgUJ35Dm3eouJY-3tQH8eJIH-KUG8hf69AX8IJTVOVdINP7Fxu5bCpOL8HGXPgm353iC3CIiieqEVWgFY4lairIPSGfDD9BNOJHFbIA-ak8PDPnV2&sig=Cg0ArKJSzNCRYsSqxQycEAE&id=lidar2&mcvt=1000&p=1181,1599,1182,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686870731571&rpt=151&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7A28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7b0aoKUx_qZPsVXoqK2ughwQp7Su3RKuuoQDA0DRANzEuC-cTlTp8q0T2o8EzIe61PNRL5HrqqkNnjTV8SYF87Fo0MRcsH5bY5lF9JOxSQ3DLThT8bhVfFUvs5bPQSQpAnLz2opsmeVSnscjzA-ZXNvy30M3Qf_0xe24RhIMCe8BKBb8XP-Dtmrl_HjHZUEzXMw5PfY-QEKA-lBplBdPgaDPVSGAQW3TPXOtUSU9zfiggqJPk-c5yauKwt8XmYtMna7ROm8f96ZOzKSkourG6niaRWFON5IR0KKo10jkXPlipbiDSGYvHIMMVjCLjEJFPI6BIzr1auhmAZpswSwpK9chRlCCfK0ZdNQ&sai=AMfl-YTIQDaokL7iFTxlwr_bU-drrLky_KXeBR-SFU2taFD1zsI84xKYFBYwIZcjMrsj2u_L9VNVa4PwH0LPkr9HrSkiup-DrbxfHaOo6JStGTXwTzsYTCkh0X03fR1s4xeTjObIMkl9X8jkdxx2w20&sig=Cg0ArKJSzBFdj2SSfoVfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5DCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4rfJeq0BmcRyasy1Xu_s_kFlvbNPENNKZtjn0XqnCuepIDSmv-epFnJgJNlSlUbaBfBM3Sct3YfuRczvfqQtN2FYAA-cEqiJrThHoLCrJIdhGprmKkzuzG9HsLuRqbQ8x6t45ueOwYuwskAnIXDvYj1n3YXsAHQHVKcCilA4lSd4qZLEwzgWcCfNR803Kr7I7DmruLwy6yMvqh6cIEJSe9sDRUk_CeB_m7jISgoH6AjktBB3jykZI0Y2s_vkXrNGv516SpU63092Il7vAa53GZZ_Z7_fUcvUp7g2Hg8286ewdOpIOpNLuT1-jEutOcl3WUc82M27zB4f-X10tPEk-bMZpDhvDxfDYhQ&sai=AMfl-YRW3ap21oAqUMoTxK6iewODuVYY76WUN_wYdCwrNnYH8tw0VPaL1_yOfMal0gpg1MZLzEl51DpkGqfz4uZoCl1odRe4yyxLYgVQ2iLRJKAxx_d47htexSMXJWx2RhlIt6DriP4PmwgocBXARDM&sig=Cg0ArKJSzMP49JO1STQdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:12 GMT
2.js
cdn.holmesmind.com/js/tmp2/ Frame B86D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/tmp2/2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a0ed9bfdfd1fb7b426402b41ab30c0b2f955fb016d748545407152d2150949

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
tCLPKpjQCqmJsjKjO_GyYZ3oPAtS9_lf
date
Thu, 15 Jun 2023 23:12:01 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
11
x-amz-server-side-encryption
AES256
etag
"25276a729dd197107e35d3e898c15aee"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1045
x-amz-cf-id
d2SlEnxtcxIc9kx-eZvam9CeCsEej-QPp1fCTPjIlrL-OT8P8iKPCw==
v2-btad300250.css
cdn.holmesmind.com/btad/ Frame 7787 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/btad/v2-btad300250.css
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A0A 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkb-QbaObaYgP_QnCthAnNrX7qo8y-KAdajM17Snty6Ep23I24T9nQ40aHYicgOKWhgL5p2bJvva43OFIzEygMuIFnmttkeFI4_x0xlxWD603ev1m4XjhxCZozI2AW4BVl2XmkvhQAfA&sai=AMfl-YSfyVDlkvUYpH4bahMGheAB1ErFUs4Lvqng_VemZQn6C9HpasdZMNpbWN_O7aaAMDMOcrF5NpKIwoiadDRy8eM3t80yz1jRF4d21JD1nhhsRofBmpi6YGmF-YWq_makhQsSUn3IgVk-aQOx&sig=Cg0ArKJSzPu4J0ONxxlBEAE&cid=CAQSSwBygQiDVlve83oo82h7C7Pzydr-O6MTJrKZUUm2h_FoqYSjyOKhSoyphau_jmTOJw21MuZi_t8N38ouqten_Fxcm7bzgtUdiVw0sxgB&id=ampim&o=315,554&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=380&tls=1381&g=100&h=100&tt=1381&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init.js
cdn.holmesmind.com/js/ Frame 6436 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c8cb45e58fd27dc7c8bfc38bf2f9f054d5247eb5bd44b0ad11b951d1b046089

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
6v_dRSAN3.Sh_q9QIVr24Zonsgc6rBs0
date
Thu, 15 Jun 2023 23:12:02 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:09 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
14
x-amz-server-side-encryption
AES256
etag
"f517955b5484f8d23bf779d49dba2ef7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17022
x-amz-cf-id
I7aJpP3cOU8Mm8KgogTSS8kwa5nVLq1sNrHwe161SOVY6rQJ9HkKbg==
capmapping.htm
cdn.holmesmind.com/js/ Frame A444 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
31
content-length
7890
content-type
text/html
date
Thu, 15 Jun 2023 23:11:43 GMT
etag
"e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
x-amz-cf-id
qqsujnAvmT0gsbdfFLMhXqQdJ4gKRfUEHjj9Bc1TK5Ig4YJI34naWA==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 6436 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date
Thu, 15 Jun 2023 23:12:05 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:58 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
13
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
0jV70ZGNKEVISGZRXuiTUuH5p7r0DHAw0NSI5ttqZaPvBR471fJmKQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 357D 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
34
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
RAImjA_ctuUCKHsuvcYC0ReY6q60jOuKjkkXJ3CWPIiSTKmRQpiREg==
fp
cm-dev-poc.holmesmind.com/ Frame 80C3 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:13 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame B948 		95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:16 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
fp
cm-dev-poc.holmesmind.com/ Frame A444 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.130.185 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-130-185.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame A444 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame A444
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined&google_gid=CAESENpXJ1s0G-xuMWJICc4Cz74&google_cver=1
0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined&google_gid=CAESENpXJ1s0G-xuMWJICc4Cz74&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
x-guploader-uploadid
ADPycdv8HAwU70rh-gxUzyen4IGc68jHO1hY_FsFhlma9EfbO9pBEOW5frRUfr1iOOVeJYOL8lnlq6lF9af1RZ6G2Dm1vw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 16 Jun 2023 00:12:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM&uu_m=undefined&google_gid=CAESENpXJ1s0G-xuMWJICc4Cz74&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 357D 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23d2:7400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4253ee8fdd7f84329fc4b4e0c28d0fbc12d0019d2c784637ec1d108e9ef3555

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:08:54 GMT
content-encoding
gzip
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
199
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
h60FTvju0KMKnHVuLkGDvC-U4nQV1-gdacQ6CFFRkHnwORf4Leh92w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1DD9 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d02f9df9c5169b67b109063633831c2560bb68676bc102a7028912ee61950773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25369
x-xss-protection
0
server
cafe
etag
536 / 19523 / 31075344 / config-hash: 17639771211870587372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:13 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 357D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=793&o=1&fc=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2fc433972103a499a34dc440bc6561e9734b2cc69363ddc20a482b4af45e4003

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 357D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
1d7i8aDt24bAAhdQGVHcl4aJbGsdC8qT
date
Thu, 15 Jun 2023 23:11:26 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:19 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
48
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
krqLtujevT7XL5QQ3iLM_zgBRZnpDrZa4yJ5IPlPE-bKURu5zlLLwg==
publishertag.js
static.criteo.net/js/ld/ Frame 357D 		126 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-1f8af"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Jun 2023 23:12:13 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 357D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
FwcpNN5Byau4bRXGziLJsTJILumrMvSN
date
Thu, 15 Jun 2023 23:11:31 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:41 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
43
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
Zo4nI0NPXxyjkCiMRIFjWNpw8Yc6S3okzdM6Cu5JX5jEFDi9mXRppA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 357D 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac90c6ed9c4d9d9fc79f570cd8b53b6ab1d7aecd223c10b39acf5d40e3d85946

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
JhP1uTOznAN6Sa0Rhnzz59Im.PcNJQNJ
date
Thu, 15 Jun 2023 23:11:22 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:16 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
52
x-amz-server-side-encryption
AES256
etag
"7a7c318697d30af698ea6fa2582fa30e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6405
x-amz-cf-id
bsdIxHPBGTbBz3r_ONioWc86mkB5-n4UKIOCrgq7rXRrCx032tba6g==
appierV2.js
cdn.holmesmind.com/js/ Frame 357D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
UIL_JxmG0rSPMgDUx2zZ5zqCXxpp08Ga
date
Thu, 15 Jun 2023 23:11:32 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
41
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
t0HPjLoO3M7xL-xoFCswBM41bTEWM5Nam8wi6MdfmQa0UqngP14Y8A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 357D 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
9yDAe8hc8angtezA583McC9CmPtDZOQm
date
Thu, 15 Jun 2023 23:11:32 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:45:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
42
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
ESPrVjV_IkRdURn1R8v8k0n0W24sDxxZiiyBbqT0MeksXGAXRHJ4YA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 357D 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:13 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 357D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.07247826024607606
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Houzhuangzi, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
74f45dfec17b3f6387b64c54c454f7954abdf167e10c4d0a116735f75ea2e323

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Thu, 15 Jun 2023 23:12:12 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 357D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:13 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 357D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:13 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 357D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 15 Jun 2023 23:12:13 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Zb83999UCgqYx4S9zJqLZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 357D 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaEtEMFNvZ095aXVDN1pzSmhrT1Q0WldUd3hndUtOenlydVdYQjI2SlFuVW81WlhmWVU5NjM3UzI4cWx3cmVpYUVrQlVrblNWWmxwNmYwZk5RSUxkT1lqODFXcldvM0hya1d5emclM0QlM0Q&cb=63175018830
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
04202658027a1a0eff77d1cef1b1c0cf.jpg
cdn.holmesmind.com/image/18226/ Frame 7787 		620 KB
621 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/18226/04202658027a1a0eff77d1cef1b1c0cf.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a85e8575ffc41ecbe854206a74d020e6efb3208eb5e396117b25960477792b7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 09:28:45 GMT
x-amz-version-id
xKltYls1jSsoxuE0qBm7vSU7aAAIE4sB
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 00:12:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
49409
etag
"d024aea179b0132dd64215d978e1488f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
635068
x-amz-cf-id
MkLjr4eG5AqHIu63SE-8AKJt77ncWY6UMmETGeebNCYxfa5A2BVKgQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ Frame 1DD9 		404 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:49:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
15764
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127303
x-xss-protection
0
server
cafe
etag
14748094856067035890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 18:49:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 1DD9 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:13 GMT
events
bidder.criteo.com/csm/ Frame 357D 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Jun 2023 23:12:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame 357D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Jun 2024 23:12:13 GMT
pixel.gif
static.criteo.net/images/ Frame 357D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Jun 2024 23:12:13 GMT
integrator.js
adservice.google.com/adsid/ Frame 1DD9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1DD9 		490 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2473372328496026&correlator=1212698344538060&eid=31072020%2C31075344%2C31075349%2C31073559&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie=ID%3D3e6794230fc45277%3AT%3D1686870731%3ART%3D1686870731%3AS%3DALNI_MZvArFm1K6e9C7rtWi1GFteaJhMhg&gpic=UID%3D00000c13ce021cbf%3AT%3D1686870731%3ART%3D1686870731%3AS%3DALNI_MZScoG7qoJnIqeNryHOJB5yxGULbA&abxe=1&dt=1686870733268&lmt=1686870733&dlt=1686870733154&idt=87&adxs=640&adys=364&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=hg4m3upelloz&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2FN0z0k&ref=https%3A%2F%2Freurl.cc%2FN0z0k&top=https%3A%2F%2Freurl.cc%2FN0z0k&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1721945637.1686870731&ga_sid=1686870733&ga_hid=1542919944&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYmdTSiowxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzS0oqMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSbW8wUlRGc1RFOVJRbmxrTWtocFRtdzBNVWx0UVQwOUluMD0Y1NjSiowxSAASGQoKdWlkYXBpLmNvbRjs0tKKjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbba513a7024d8c2393a8cca7604bfd90a9ea53c62b8bd4bf127c2982d415cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1DD9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7790e55be1ca0012236104d6e934841453a677cc805d4cdf393337cccce20e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11128
x-xss-protection
0
container.html
9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2742 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:13 GMT
expires
Fri, 14 Jun 2024 23:12:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prtct.php
stg.truvidplayer.com/v5.802/ Frame A54E 		0
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=SG&timestamp=1686870733&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-27.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Jun 2023 23:12:13 GMT
server
nginx
via
1.1 4e3c79d06b4e17a0f3b574740ddc8206.cloudfront.net (CloudFront)
x-amz-cf-id
lmr_BZJgQi-cGOjk-393kn-o-fRRMaP7-nWXKKDk3vt2Lr3BhHHT_g==
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1DD9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 23:12:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33C2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
65760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:56:13 GMT
expires
Fri, 14 Jun 2024 04:56:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8EF 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e456c1c7bfcdb1d0420549d4120ecae6169e2f1d02e40251ba6d8975c4ffa69
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ibv37IzOnzwYqPTqLIOALg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ibv37IzOnzwYqPTqLIOALg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:13 GMT
expires
Thu, 15 Jun 2023 23:12:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
drawV2.js
cdn.holmesmind.com/js/ Frame 357D 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FN0z0k&n=793&o=1&fc=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&d=1&b=2&ts=1&ii=2&FPCK=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&fp_uuid=1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:7800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
vxJKj4nf26OQAATxFC7ifIkpRwIUYWyu
date
Thu, 15 Jun 2023 23:11:40 GMT
via
1.1 8d08de7fce6cdb6f648bade508fa2926.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 13:44:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
36
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
rO3E0cbo2OKFo2LejSzLBDAXcTx17mLHiJPDuB6F6jPq5b8zlPROyw==
sodar
pagead2.googlesyndication.com/pagead/ Frame F8EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=2473372328496026&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 33C2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 19:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
185629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 19:38:24 GMT
utag.js
t.ssp.hinet.net/ Frame 357D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 15 Jun 2023 23:22:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 33C2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OlaVxQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DCF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstStKY3KX6Iym08F2WJN9oKCLA9C9WOGME2nfXaCJMO_hMr5ar3YcQvtJZXRAsccQmoWqKNBAO5-ouJ0_w_TKLyIx9AMfToXS7O_U-f5LkoDMcsr0rm&sig=Cg0ArKJSzA34oHN6VRiZEAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686870731630&rpt=1157&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A28 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEqIV5mhOdxOq0WNmS9UJRIeGpiPHfFA2pb0IclaI53-DhMtJ_GO4WG-9J7lY2lhHhSpcUP1kfGM0onZh3Hm9t1AYJTaaufZzTCZWrErQUhvhdlS8l&sig=Cg0ArKJSzNBHfkAQ87d_EAE&id=lidar2&mcvt=1002&p=108,270,358,570&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230614&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686870731619&rpt=1164&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame 357D 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb&mp=a193f8ce-100d-4c5b-ae4e-bed67be77dd0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net/ Frame 357D 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net/pixel?bd=a193f8ce-100d-4c5b-ae4e-bed67be77dd0&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 2730
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7960
alt-svc
h3=":443"; ma=86400
content-length
39829
last-modified
Tue, 25 Apr 2023 05:44:24 GMT
server
cloudflare
etag
"644768b8-9b95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0ZrMuXRiyi3dVGmA5FneuC74OFViPXTVv4Whm6CeUanYQavwqqMnZ8W4dhU%2Bxd%2FPJsywJmh25jgQCtIPF5OKSuqK6NLnvh2cUSpla1FYq2aL%2BydO2SoQzRJbbfnUKOsEKQ3%2BC9KvxXeqdllgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7d7e7f277b613e19-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=2473372328496026&bg=!lJell8PNAAaGYqkwpmI7ADkAdvg8Wo9EI8n8m7Q0HbsQP1lh7zbo8vxAK7IKezMqvJTJLrr-hfdocL_c0kE-AFK2C1e9cpp4UdYCAAAAXFIAAAAFaAEHmQMEn0Ms7U9hBZ1mFrJCmEHuAFY90VR2UIE0NvxL0C2aWRs8Rr9bSyWppP9bE_bRzQhIzran2BZlHp1gsjH1sXRBaaOoPNakF4X069e9nMbdyaHx1vl_d0vlNo83lA-Fv6mipv2rKzLYeBpf1BDWN0AT0MRDfcoioFq-hNJn8Wh96wtAF7CtzhX6bctnH4BsR2_VUkU-z7UTUBYD6vtL-F-hSfGjrtDNSCZdUEEugfJ2kkUhDlHK6xbHlJPuw4vDOeeWHp_PJ5JSlF8iOT31p7QAIWsGYJ9tK_dF1aNZdOmKQmGAuz7DwaqqpeehMHGtXFn51WIX1lI62568vXM456Zk2Z1j7eZt5fwELzMkTP-ikKVyXLM9As_BvHteHlQdPhqFcIfqwosHV8udj6ABTi6wX-65yxNDq4Mms7oGgSSJNJf4a6jj9ZQJwrLgGzC01jK6QDzdS670IHj2_VZ0R3BXvZDQzWWlxrUGZ9EpZKPPVEuLYQv0-56T7mnWeotvENfs4sgWRXILN7CxFWoyicUW7IPGXd9ISDsSQ2uNTdfUwGPBg96KaKlXN-MINAsSTXB1EdvOIrsQFsuFy3wR4-3LGlV7vSif8SgsdzrPc3HnX71SdjtDW69Qy0ZLci9VEVDuKONxWAlK4sOwbk4z5PI4QNRtp9OmnPe2fCzCeNFm_6CaL7uPyN3_VKstSvEmMldHIR-uBF8O7iDcAWZcbbVaiPvBylVyM55swQwGyXWtOAOB-zqMa5ZDJiJbzDFZiQgchlcp2sBuha548h1XGHATpQVNX11gQhpZC87fo3pvCu_5E_ZRhG_cZ9ic3btp8lnGPspMXX6aFuU4cvbu-T5tphMt3PNMBmBGSCtYAPTZLL7RL-tRtQ7GzGyoM5pMgAt0ZpI4JDIco6PE0jFslk560SSVFvrk4iwqEXiio1qASona9Ne_8cgNKPh7K33Wd0GnmG3SLw149H8qD25ujDaU29Kllhxbbkz0e_gGcMyiC9UE6AFpmj4ooMZHOyEd-TPFp269_g
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 2730 		975 B
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2846
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7NnC0wIPJi5w1MabXbSWbtG5a777pi1v2NMzKSWLMokxoqYhRw5MGMmI7IE5LSobQXQzwe%2F4jiOGKdV8Y1dR4OjAEUEor1IgCmoyrgDyQZc%2FJeo5BoSiAEPz8T08sZwZtuDdwGLkRFf%2Bg%2FO5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7d7e7f278b713e19-SIN
idRequest
sync.aralego.com/ Frame 2730 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
455f78358a6a2f9f9f72fe54f2a30f1b2e6df65f20a882a1a7318ff5425f703c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 23:12:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 2730 		686 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FN0z0k&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4444195074208208&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.168.56 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
200ef97a4ddfb724323a78acf5ac4565b869c9916c26f5e3e04a2a0622759f52

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 23:12:14 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
686
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1C92 		714 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
age
11824
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7d7e7f27a8493ded-SIN
content-encoding
br
content-type
text/html
date
Thu, 15 Jun 2023 23:12:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRZhR3PudI%2FJQ%2BzrIcZcWUv3lxJeKdBA4%2FjlWPOcPajvI7XwD8W82dGZcxo%2BzBCJSlAztokmmrgVIMMgAx09srNUS0fcwlNnou0G%2FNi4SrjIWhM8dagfANiUhh79M3FzJAIxjVkY1ThDkDCWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 2730 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Thu, 15 Jun 2023 23:12:14 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1C92 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ebce941aeb13f804bc4add7a19f33273bf2da6e5d2a0314205c7d06fd53c8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25345
x-xss-protection
0
server
cafe
etag
361 / 19523 / 31075288 / config-hash: 17639771211870587372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:14 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/ Frame 1C92 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 11:05:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
43582
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128870
x-xss-protection
0
server
cafe
etag
11402592609364769902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 11:05:52 GMT
av
ad.holmesmind.com/adserver/ Frame B86D 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=14210:83869:167152:f87f641907841a8b3ef82ea35e30803c:18226&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.245.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-245-61.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
integrator.js
adservice.google.com/adsid/ Frame 1C92 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1C92 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=971954418455518&correlator=586767897852726&eid=31075288&output=ldjh&gdfp_req=1&vrg=202306080201&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1686870734118&lmt=1644386353&dlt=1686870734042&idt=55&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=44ppgdm6kvrb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=385893965.1686870734&ga_sid=1686870734&ga_hid=1502441849&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b05baa182a4621dd8f9faf7c5ec8c7c6aeef6817d7c81beee01aa2513fff9dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:14 GMT
expires
Fri, 14 Jun 2024 23:12:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4D0A 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c672cfbff40266c845c23b1d66f26f0117fb8e80b0dde3be0a2ec2a4ec8ec820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25344
x-xss-protection
0
server
cafe
etag
363 / 19523 / 31075288 / config-hash: 17639771211870587372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 23:12:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C92 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1dc0037eff91f68715c5ab301204e646b983c4d83eea2e53ea3df622349870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11029
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/ Frame 4D0A 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 11:05:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
43582
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128870
x-xss-protection
0
server
cafe
etag
11402592609364769902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 11:05:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4D0A 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C92 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 23:12:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 690E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
65761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:56:13 GMT
expires
Fri, 14 Jun 2024 04:56:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 123C 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e5523a60a0f9b0b1935adf7e840bbaca86d907f2f4b30f6051b20014b2e6820
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1-ydTTcitC05Et8osMjMbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-1-ydTTcitC05Et8osMjMbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:14 GMT
expires
Thu, 15 Jun 2023 23:12:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ Frame 4D0A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4D0A 		51 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1325556926329648&correlator=3451921836315739&eid=31075288&output=ldjh&gdfp_req=1&vrg=202306080201&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13856-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3792348143&sfv=1-0-40&sc=1&cookie=ID%3D3e6794230fc45277%3AT%3D1686870731%3ART%3D1686870731%3AS%3DALNI_MZvArFm1K6e9C7rtWi1GFteaJhMhg&gpic=UID%3D00000c13ce021cbf%3AT%3D1686870731%3ART%3D1686870731%3AS%3DALNI_MZScoG7qoJnIqeNryHOJB5yxGULbA&abxe=1&dt=1686870734208&lmt=1686870734&dlt=1686870734011&idt=185&adxs=270&adys=233&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=pmivdhsp7shn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Freurl.cc%2FN0z0k&ref=https%3A%2F%2Freurl.cc%2FN0z0k&top=https%3A%2F%2Freurl.cc%2FN0z0k&frm=23&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1721945637.1686870731&ga_sid=1686870734&ga_hid=1502272881&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYmdTSiowxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzS0oqMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSbW8wUlRGc1RFOVJRbmxrTWtocFRtdzBNVWx0UVQwOUluMD0Y1NjSiowxSAASGQoKdWlkYXBpLmNvbRjs0tKKjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1217c94a3b28472faf9382c0fb7ed91d95ac8be2416d72087e5e10017bf78fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12548
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D0A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b208a60eeebd44985bbfb87881d155735aa6e7ecc375696465dc0c291c179988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11180
x-xss-protection
0
container.html
9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 748B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:14 GMT
expires
Fri, 14 Jun 2024 23:12:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 123C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080201&jk=971954418455518&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 690E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 19:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
185630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 19:38:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D0A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 23:12:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7375 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
65761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:56:13 GMT
expires
Fri, 14 Jun 2024 04:56:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5718 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6d06e1fddb6ce0d409a97b6c4f35b92b0afeadbae45a79358fd1dbbf160261d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LmqBw4lMkZsgGVnxVLN05w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-LmqBw4lMkZsgGVnxVLN05w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:14 GMT
expires
Thu, 15 Jun 2023 23:12:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 5718 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080201&jk=1325556926329648&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame 7375 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 19:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
185630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 19:38:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 690E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?azEdKA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7375 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CXt9mw
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305252018000/ Frame 1F2B 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61795
x-xss-protection
0
server
sffe
etag
"7347aa4c83612bf7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 1F2B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5238
x-xss-protection
0
server
sffe
etag
"6efdfbd3c81d03c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 1F2B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
sffe
etag
"51fe97ef57b83921"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 1F2B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 21:11:27 GMT
age
93647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1896
x-xss-protection
0
server
sffe
etag
"9635e780e0a5dede"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 21:11:27 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 1F2B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Jun 2023 23:10:24 GMT
age
86510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12956
x-xss-protection
0
server
sffe
etag
"bd37dd4c3b7b688b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Jun 2024 23:10:24 GMT
css
fonts.googleapis.com/ Frame 1F2B 		8 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Jun 2023 23:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 22:29:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jun 2023 23:12:14 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1F2B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:28:36 GMT
x-content-type-options
nosniff
server
cafe
age
27818
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:28:36 GMT
zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1F2B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 05:33:11 GMT
x-content-type-options
nosniff
server
cafe
age
63543
etag
4870481765684750750
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3412
x-xss-protection
0
expires
Fri, 16 Jun 2023 05:33:11 GMT
l
www.google.com/ads/measurement/ Frame 1F2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTICXqoHASTqPgDIpCbCVDMXPe3IwZsq6mcem--KZVqB6big34mdVG7yBBqmmRvQvOATLGbHirf3twjWZYu0eiaIuOrzQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1F2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtcaYzpqLZObGDrCZ9fwP-PerwAOs44fycJrn_v22EdrZHhABINLMgRpgvwWgAfXQiOoCyAEB4AIAqAMBqgTNAU_Qa1brryYmVaTBFFMnkS_XHmJS7zg4XzqkaAGUcEgMFI9dtfm42ijPekFamPt9oe06pTlfzLW-o2RaxTwjMWOJSLewILuclPDPgeJ5Wc8UXUQB87QYyyI1FXXJjRLUWs4fjpNTRyGBcNoW3oiLk_qwhfV_9TZOee4hpSiI5jhVHTEEgu8V88hiWWaHhX2cJ6p9uj7baTO1BfLMTA8XIor2iFcSVhIsNmWQCogRoJUgWcx-sQ8-NPZAw_EGoAfWGh4W1kMZgk_xYGrzXN7ABJ7r64idBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfh8rLgA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOveAtIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2BMNiBQD0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=1WfjIXzq4ao&uach_m=[UACH]&cid=CAQSOwBygQiD_VgyWVS_2kh0_XMA3iCDelOgr9qkk_HC8pUfl6qDDeba5OYN_tunyR_Dn7uE1Zu27dca9k3OGAE&template_id=5028
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
truncated
/ Frame 1F2B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F2B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd96dc2377d9e28a25db5ce11e49b1c5aea01dffaf333501559edb55a31abec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 1F2B 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 23:31:18 GMT
x-content-type-options
nosniff
age
171656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jun 2024 23:31:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1F2B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H2
Server
2404:6800:4003:c1c::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Jun 2023 23:12:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080201&jk=971954418455518&bg=!YmGlYTXNAAaGYqkwpmI7ADkAdvg8Wo9-6daDf6BIgad7punV9gm5vBOOmIMQDmG7PSjDXdXAxZHWzZJLNxgNPf4-JSiYuqf6qhACAAAAc1IAAAACaAEHmQNRpZjufTwiWTbIbqIvDi0UzU8hh7M6jk83IZu574vttIenOZUSRR3vwfwcVb94pAmgGNkzYRt-3BHcpqddSihYSG0PBKPcnHbaZfi_2wOz7Ryw7PjWPLLjOqTGrweTW8o-NivEopXBdCLw7QB7J6VGECxK0TgjqleWSeUsuPmiaVOxi_ydEGvptVa26itkMaQRNcZj7AdldocF4hel1l1OUOVD5TUdvWByPVnCdWVbZFw3NNG2_6grziO-DwE-Xsaq3bY5J5Wxp4CCo6yzaqqEndRPWrfafog_UZf7v2hslgyg78quJB5nuLdclZZxlxnRBGsQBFlcejzIgzG3teTKx-E3aMIzlwYbOWj1n-0i599ukapU6F8JSt1CxdR1cPoS1n3Zfo_K5psggYZo94aXPkyMX9NijWaBeMwnJ_FlZLGChv1H69bjJ5EZ8DbkpsVCoGUzVdAOC7lVe2IVeZK_h5OV9fK6emOa2udU-NI-_7UwhbXNVQpCB2cpTv1wUN_irI5cxrlHJyREllL3Po76EdpYuv1rcDWW9tyFFIl9Rby8OzWM6_fiooVqz-oKTRby5TmkLarRR-nPkfhdzti7AZyJv-qzi9wOLz6u0u0iEWcAN9Z6gjZZded7TzUepfZUBxJCT-p1M7Hs5HDUqyuG5vIvJZRIH4TGVaYYoQNslpTUNY1nOVQysA0hwO08BcmZIEvrQFbBDaFHErsjF6EDQ15wsr3twPMn6aQ_Ntx2qEg9So6XkUUGV0wmLOc22oG-N4c1zjrDomtxI3DdcXa_d1OLqnVKIEuYGn4unJatBt26yrOnN3m55vRXhvyuDDfy80rk6k75v5nnsp-CUHvTySCHXpm5OxJP9C4OlPacBHD8PryWwqBPNT1GtbVW5RdenLuSf1fu-uxHhBNK4WQpQCZCxDZQC02ai9vrUFK2yvG2zb5n9bWImv4mxthLB2Jqe8l0nayVVCTDzvhSJyAnMXXw52Nv7AUwn9Ufq5HXIBhFYBKCsvjoBHKWTsHXNeTrIeWy_Lsdoc1VP-OpjE7xRvmrB7LjmpgqqYCYRJLim5CQCYxV2c9d7QhpJfvoJs4HumMXj-dowyYhjl5iNXDLuUoMHNMxY4CvDTYr87A5QETX
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080201&jk=1325556926329648&bg=!fH-lfyvNAAaGYqkwpmI7ADkAdvg8WmCm00HhdjBuBLpgOvmCheWZlv-AGMZFXhxwjktJzJ7euWgbHilLD_w__VhbD_JUeAJUrNUCAAAAYlIAAAACaAEHmQMxiR7K_TUHpoaC6NXhs-7kHAWyS5lSaCPiPI4fkssDk5zSEYcKBJd50ljNOafsGhJxQ6JMvPa8aQLKCbZciM4WM4YBqlHxK_Hu-A_GHvSl3eBcnuwoXiobsJ2RfICvckgRSdG0DylxQsD20GvK3XMdrp2tyDyA6YIlLp5pICA7s_dLg1QZtuRH4YyQM_rvU3BSbX586BWNGWPQQJao8WDPD_10gO9ySfwn5cOOZvhOFZY8v4sVQsVtAVKGa6ou0rNCi2cw5P2A_MS43oyLPzV6QilLGJ8hIcW4IIKA6JpSukkofhyOPilFXLs7kw8yIetD6N6U_glMXkbo_hwiJ44q3nHq6srNA9__I_rkMfs9F0PAjbAWPArdW833CPe54Z2C1NHH1AU_ngfnYf3gXp8y5gEwN7m_I1Q1t5Rh9tVjm1nqRDxw4PFNzkPwYgNDFvza8YnRU_ENi311G-gtIioHsXN0TJpq0zAAeIQTlbNIv-5lp6xoUXBP92xMbcbCHc7AxnAQO37FEby6zh0AS-kHrhKjhvcDcEiV3dAjcGgxx9Q7CxmsJ8zasCmyWxr5iNq6dCjtxnpmEDUbVKABosUTciIXtcXiQnI__NQLa_6BcS_DUw-9BBP6eGQ1ioFQ6XlzA_c6aMOZYifrvb6-fkYPpd9nrZcmRbEcYtpF5IG52Hv54mOgPDjOcLixcnjaA_JHnDViLGgqvcjUJWbRaSFEZdRptNJ7PAltQlxwJCAz_GzDHsWXHr1X2P2533vYmImsJoXma5udGs2zLWvs4MsVxwwYM49b8qDWEANSqnaChrqWarxpX-RNGAOZ6spKq7y70iKcGB6IUWJzdFRcKWuJmvsPp86BBUTvYDFpOk1erFQeOWKYzBTmaiUK11n1_zIulK4Ejkvi8jW67QtyLdJcY_18XO5dFSs_MCD6xlPUAMicCxUZZdRyZ8xwRNaeXZQB662wDEaW8Z9XXgdsZpuvuQjyvEvYFI53WxaBeSEjhAXopGTg6rCeqtYUWn824pI0L2x9gSmyoBZW4P46qdxPGKHyoAHt5n8ffA82vxFTBiOn_87hhesuweNUxa2kv75QbQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame AC56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssV9CA1wZYYVPkrwD4CC4Hml-pIf2GsVFsZKW71WlHQQWq4PGb-ZI9lBQ-_fwCbsbT_k-xLThtqCzFPdmDXHDn32vY7PSfAG11mvIxQiC1unl7uBzP5P-IJA4ZuEzIDblni3KsBoqulvU-U7QDfjoxsinpQQqPv2okfvujxwVQxb8iq6m8ouwm8V1uiIUu5UCYdZDr_A12qd3R4JrlsDBE9yPIr12Y7Q20rHcjRjz7wTOTz2uf2t1ddCy2m4tq7rLxjo7B7ZBu7VJyETvP6SZNIohD1oxUbZHnfww3d0zMZkUS6F0BmaOO05_qMpvaDJDCaWvzgvh4KzsMuDVzGJsCITr1lDRN-_4svhQ&sai=AMfl-YQW1Cbynb-zrS2wSI1E3NQLr6pWTUdQOQxFIJREJpdfpPn5rwUScAqXBWXvx8Qal7Mim-FelwEisS7FL_6u7HsIWDi13z6upfVwQTWEXm7XYLBj_niFxjavyriXRWAL79OoVcnfsHjBZyIZtTg&sig=Cg0ArKJSzHf16RWnOU7ZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 15 Jun 2023 23:12:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F2B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZNT6KpmKhcFKikQ9YRxnWBMBkiue3d4Y4M3ZflTDlNm9LNgxoBmm6q9q8Rub7mAqGrrEEG5sGfKo3iiF8xlSIvl9bCdvrzzfqcZM17ETaMKoGOUSy6LDlgMf2mTDOlsZ3jE083KmJNw&sai=AMfl-YRsgRND4L4vMgUdHG8hRZVsP-3ABBmoVbVLI_1AJcfCvKD-qCENy-ZRI7X0DKTuHjx_XKBKlXUY9g6QsKYzcGYLX6h99bjyQw8-531Nt86WKz5lUtoAM3_AZ24&sig=Cg0ArKJSzBt2CLmtqyybEAE&cid=CAQSOwBygQiD_VgyWVS_2kh0_XMA3iCDelOgr9qkk_HC8pUfl6qDDeba5OYN_tunyR_Dn7uE1Zu27dca9k3OGAE&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=83&tls=1083&g=100&h=100&tt=1083&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/N0z0k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30506738598de91157330d41eb3af33210e9fa563c650a5d9b53a6db412fae96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11280
x-xss-protection
0
syncframe
gum.criteo.com/ Frame D6CE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:15 GMT
server
Kestrel
server-processing-duration-in-ticks
566785
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 7EB7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:16 GMT
server
Kestrel
server-processing-duration-in-ticks
1144703
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 23:12:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F1B7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
65763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 04:56:13 GMT
expires
Fri, 14 Jun 2024 04:56:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A3D7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4fc0f7a57b3ddef4c17c94333d4fa8eaf5758c30cdb69ffe83531e517875cae7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7vd33bIwKcs3js-cQ2RllQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-7vd33bIwKcs3js-cQ2RllQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Jun 2023 23:12:16 GMT
expires
Thu, 15 Jun 2023 23:12:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame D6CE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaE...
  • https://mug.criteo.com/sid?cpp=AG6hh3xuR2lOTmhTaGljdFlTZ3dVVHZSakNMYk5VRlg4dGZ0Nmg4aG5HK01qWk5jbUxtUktGVk80TVl2MHZ3Ykd4NW9CYnFiSDY3SSs0V0JxRXNIenljZTgyUmR0clBvdnI4MER3WnVkNVJLNml6TFdjZEVKRDc2MWJ3OH...
435 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AG6hh3xuR2lOTmhTaGljdFlTZ3dVVHZSakNMYk5VRlg4dGZ0Nmg4aG5HK01qWk5jbUxtUktGVk80TVl2MHZ3Ykd4NW9CYnFiSDY3SSs0V0JxRXNIenljZTgyUmR0clBvdnI4MER3WnVkNVJLNml6TFdjZEVKRDc2MWJ3OHNUOEhXU0JkNHhtTUcrNGxtek5GSk9Qa2E4WDhLdXRxWnU2YitDbFdNZllCWWc0OHFhSU1wUUFENllvV1FyOE5KNkYyQi9JMS9rQ1BBYms5TG9kb09ZQnhKaFMvVDVqR2RQY3pjNVhVMEpvRVlXMVpYeUhsampEb3pSNlNBQVRZYVBtdlBxaEI4bVQ0VnVyWFAyWFA3YUlJRFJBak11Zz09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
fe0159598b6d89955ce20eb8d8ca51fc3b53ed31ef813e0361c38ebca46589e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
708570
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=AG6hh3xuR2lOTmhTaGljdFlTZ3dVVHZSakNMYk5VRlg4dGZ0Nmg4aG5HK01qWk5jbUxtUktGVk80TVl2MHZ3Ykd4NW9CYnFiSDY3SSs0V0JxRXNIenljZTgyUmR0clBvdnI4MER3WnVkNVJLNml6TFdjZEVKRDc2MWJ3OHNUOEhXU0JkNHhtTUcrNGxtek5GSk9Qa2E4WDhLdXRxWnU2YitDbFdNZllCWWc0OHFhSU1wUUFENllvV1FyOE5KNkYyQi9JMS9rQ1BBYms5TG9kb09ZQnhKaFMvVDVqR2RQY3pjNVhVMEpvRVlXMVpYeUhsampEb3pSNlNBQVRZYVBtdlBxaEI4bVQ0VnVyWFAyWFA3YUlJRFJBak11Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
260589
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A3D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080101&jk=37536722020134&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
pagead2.googlesyndication.com/bg/ Frame F1B7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 19:38:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
185632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14773
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 19:38:24 GMT
sid
mug.criteo.com/ Frame 7EB7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaE...
  • https://mug.criteo.com/sid?cpp=_0dk83xiRGV1ZzVWc2hKMWpFU0dXVncyVFMxMHNqMXh5K2dLWGwydGFib01zcVZmRUdHeXM4N3l4TStHY3RhOW5UTEpqKy9DTVpFdEZtbzZ6REhtYnFCbE0wdG5SMExudU80ZVJwazdWQTZha3AwNnFnaWVaZHB5R0lnUz...
430 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_0dk83xiRGV1ZzVWc2hKMWpFU0dXVncyVFMxMHNqMXh5K2dLWGwydGFib01zcVZmRUdHeXM4N3l4TStHY3RhOW5UTEpqKy9DTVpFdEZtbzZ6REhtYnFCbE0wdG5SMExudU80ZVJwazdWQTZha3AwNnFnaWVaZHB5R0lnUzNveSs5WlhGS1NGQUNkU2hMbFdhQ0VjL2RYOFY3c1ljeVFKZlpMelZvOVZVZ21CaGlRK0o2OU9IQkczZ0pTYUtITzdzSVVIM0dpVmg5WFR6M3BtYUdCaHpBVXNZSmJ6MkdnNjkwMXZmc2xiNFBicmE1STk2VHQ2dXRaNFRzR1ZTTWl1d0JKLzZPaTg1ZmZuVkFqQUJFMEViVk4wcHpaUT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6df5fac5ddbdb208804f95f1ae61251bd30eb1b3497bfe7b4594d2bf93c905d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
760871
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_0dk83xiRGV1ZzVWc2hKMWpFU0dXVncyVFMxMHNqMXh5K2dLWGwydGFib01zcVZmRUdHeXM4N3l4TStHY3RhOW5UTEpqKy9DTVpFdEZtbzZ6REhtYnFCbE0wdG5SMExudU80ZVJwazdWQTZha3AwNnFnaWVaZHB5R0lnUzNveSs5WlhGS1NGQUNkU2hMbFdhQ0VjL2RYOFY3c1ljeVFKZlpMelZvOVZVZ21CaGlRK0o2OU9IQkczZ0pTYUtITzdzSVVIM0dpVmg5WFR6M3BtYUdCaHpBVXNZSmJ6MkdnNjkwMXZmc2xiNFBicmE1STk2VHQ2dXRaNFRzR1ZTTWl1d0JKLzZPaTg1ZmZuVkFqQUJFMEViVk4wcHpaUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
560032
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AC56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstICP7VYlNkRzZxxIVVMfG7cqA5wF9bnjxhEKzWYu9AQL2DvUT8gPISbJcUS7N6RalB3JJDDTq8ebHHJr2Y9VsBFdyK6OKqeN65ap3W_AdrkTvZiv6b&sig=Cg0ArKJSzEOoCl6M3yZGEAE&id=lidar2&mcvt=1007&p=364,640,468,960&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20230614&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686870731643&rpt=3862&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Jun 2023 23:12:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F1B7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0RxSiw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:12:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| onbeforetoggle object| onscrollend object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| gtag object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal undefined| google_measure_js_timing function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 object| gaplugins object| gaData object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| hitag object| pbjs object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests object| brWidgetInit object| truvid_protected

44 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1686870731.1.0.1686870731.0.0.0
.reurl.cc/ Name: _fbp
Value: fb.1.1686870731147.1297854882
.reurl.cc/ Name: _ga
Value: GA1.2.1721945637.1686870731
.reurl.cc/ Name: _gid
Value: GA1.2.279173108.1686870731
.reurl.cc/ Name: _gat
Value: 1
.criteo.com/ Name: uid
Value: c9d91d8e-0214-4bd1-ba3e-821f0b1c6b60
.hinet.net/ Name: uuid
Value: a193f8ce-100d-4c5b-ae4e-bed67be77dd0
.prnasia.com/ Name: __cf_bm
Value: 29wuAuMt0ABGwe2VywTx6TscuQK2j_zIA6.DCixmX7s-1686870731-0-AYMj3rPqrsVX1PHWOfrJobAErCSz2LctXY9ozCQv0YaWsHEbsiGDdHJJDEWoBnHl26N7MHV0IKhdGjVxjJc8LMM=
.reurl.cc/ Name: __htid
Value: a193f8ce-100d-4c5b-ae4e-bed67be77dd0
.reurl.cc/ Name: _ht_em
Value: 1
.openx.net/ Name: i
Value: 163e04d6-52ce-401c-9dd8-788d978d4898|1686870731
.reurl.cc/ Name: cto_bundle
Value: 3x0Cnl9UOE5keGhxWWpYcyUyRmN2WWViMGtnUVFZdDZ1bWE4ZEc5JTJCeCUyQkR4djBNVWV1cUNKeG5KaEtEMFNvZ095aXVDN1pzSmhrT1Q0WldUd3hndUtOenlydVdYQjI2SlFuVW81WlhmWVU5NjM3UzI4cWx3cmVpYUVrQlVrblNWWmxwNmYwZk5RSUxkT1lqODFXcldvM0hya1d5emclM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUkSnGXYt5k1L-3kX_1SBgORYTkEq5csjS0BAOhkFHzC7CQRssKL6DeBM1eyIUI
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: __gads
Value: ID=3e6794230fc45277:T=1686870731:RT=1686870731:S=ALNI_MZvArFm1K6e9C7rtWi1GFteaJhMhg
.reurl.cc/ Name: __gpi
Value: UID=00000c13ce021cbf:T=1686870731:RT=1686870731:S=ALNI_MZScoG7qoJnIqeNryHOJB5yxGULbA
.reurl.cc/ Name: _ht_a546ca
Value: 1
.openx.net/ Name: pd
Value: v2|1686870731|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: dcbc777f-a1b7-47dd-9bc5-312e7441b21c
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi0kYjnlYD3OxAFOAE.
reurl.cc/ Name: CFFPCKUUID
Value: 8436-PboIQPmEvVjNIBu2gGyjmuMWfjTk9CDI
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 1860-4TjSDifmUxIo8795BFlaEV7hzhy1fmFb
.reurl.cc/ Name: FPUUID
Value: 1860-0d2b8ed473d4177fc69dccb2e51d16c3e069361eea4610aac222c6dc50b4bf4c
.openx.net/ Name: univ_id
Value: 537072971|dcbc777f-a1b7-47dd-9bc5-312e7441b21c|1686870732047987
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: WBIeUpKwg6bPIcKEOc7U4w-zDqWi1gc
.ladsp.com/ Name: lum
Value: CMfb0oqMMRIFCAMQ0AU
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjg2ODcwNzMyfQ
.reurl.cc/ Name: _ht_hi
Value: 1
.c.appier.net/ Name: _auid
Value: Zb83999UCgqYx4S9zJqLZA
.holmesmind.com/ Name: Vision
Value: 20230616-23:59,20230616-10,20230616-10,20230616-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 249806-Lr2HSFEvOcUpiQ7zSREwm7rPsQQL1JcM
rt.ad-score.com/ Name: token
Value: VdjpwllXCqhgJ-v54j-pzQQJjhxlGRSO
.reurl.cc/ Name: truvid_protected
Value: {"val":"f","level":0,"geo":"SG","timestamp":1686870733}
.reurl.cc/ Name: _ht_50ef57
Value: 1
.aralego.com/ Name: sspid
Value: 5b589ff2-d55d-3cf6-99bb-53a85ef96c85
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.doubleclick.net/ Name: DSID
Value: NO_DATA

5 Console Messages

Source Level URL
Text
network error URL: https://img.scupio.com/js/ad.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cdn.holmesmind.com/btad/v2-btad300250.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ecd6fb663626684e5228d5bd4f14295.safeframe.googlesyndication.com
8afd381351d3d47ad1ccb6ab3494a128.safeframe.googlesyndication.com
9640397cd4bc5acb9ae56a6c193c668e.safeframe.googlesyndication.com
9e3bf5e9367f37edaf91526beaeef189.safeframe.googlesyndication.com
a193f8ce-100d-4c5b-ae4e-bed67be77dd0.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
adservice.google.com
anymind360.com
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
external-sin6-2.xx.fbcdn.net
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i0.wp.com
img.gbyhn.com.tw
img.scupio.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent-sin6-2.xx.fbcdn.net
scontent-sin6-3.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
www.facebook.com
103.132.192.30
103.254.153.160
13.224.249.20
13.227.254.27
13.33.88.20
13.33.88.89
13.35.8.69
139.162.38.30
151.101.65.55
172.217.194.154
18.179.245.61
182.161.73.136
192.0.77.2
192.0.78.187
192.0.78.25
202.241.208.57
203.75.214.136
209.58.168.56
210.59.219.34
2404:6800:4003:c00::5e
2404:6800:4003:c00::61
2404:6800:4003:c00::65
2404:6800:4003:c01::84
2404:6800:4003:c01::9a
2404:6800:4003:c02::5e
2404:6800:4003:c04::84
2404:6800:4003:c06::84
2404:6800:4003:c06::9a
2404:6800:4003:c0f::68
2404:6800:4003:c0f::9a
2404:6800:4003:c0f::9d
2404:6800:4003:c11::5f
2404:6800:4003:c1c::9b
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2600:9000:2003:9a00:a:e047:753:be1
2600:9000:200a:5a00:1e:5c56:d400:93a1
2600:9000:229f:7800:0:e06c:e940:93a1
2600:9000:23d2:7400:3:1794:2540:93a1
2606:4700:20::ac43:47fe
2606:4700:3034::ac43:961f
2606:4700::6810:fc04
2a03:2880:f00c:10d:face:b00c:0:3
2a03:2880:f00c:212:face:b00c:0:3
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
2a04:4e42:200::485
34.102.146.192
34.120.107.143
34.95.67.231
35.185.130.121
35.185.136.122
35.186.215.140
35.190.31.54
35.190.36.98
35.201.76.93
35.208.216.174
35.227.249.156
35.244.159.8
35.244.196.223
35.71.131.137
52.68.130.185
54.192.150.68
017309e46e8afa104933d00180a43ca7e5fed547e25124bd133d3a1e3100c158
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
1217c94a3b28472faf9382c0fb7ed91d95ac8be2416d72087e5e10017bf78fcc
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
140de4005118f59e2dbf7146c402b34445229f462768920df1532816274e5e07
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
188e3be5545c69b7d82fec5d1d7d935d25677b270fea5f418a7bc46bb94f376a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1f61f2bb3a792e1484c951513072f7ae1b3fdea9f7e6143619e2cc84a3eb7c44
200ef97a4ddfb724323a78acf5ac4565b869c9916c26f5e3e04a2a0622759f52
2505d4c9a43f8f751b4b69a694e351cc3f2158a8cde9f80596339acc61f26c2b
273b927348a9c4d0b3fbb072f0866252a2f1064b742ec53c9f71fb656800bb70
27d6fbd16bd3dcc2355df4489d14ed6f89349471ffe55ece7eab5da3a8e9e5a4
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2e456c1c7bfcdb1d0420549d4120ecae6169e2f1d02e40251ba6d8975c4ffa69
2ebce941aeb13f804bc4add7a19f33273bf2da6e5d2a0314205c7d06fd53c8f0
2ecc648ad4462f122a8fef60fd36c58426a5559e857e958a6fc9c838b458a913
2fc433972103a499a34dc440bc6561e9734b2cc69363ddc20a482b4af45e4003
30506738598de91157330d41eb3af33210e9fa563c650a5d9b53a6db412fae96
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
32634f03feb994e948aea6989fde937a698fe69842a1e40effbfe112e06b168f
35b949317d90ae988aa71a81b11d042b38a18fb1c200824698b23529d726fa31
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
3b05baa182a4621dd8f9faf7c5ec8c7c6aeef6817d7c81beee01aa2513fff9dd
3cd96dc2377d9e28a25db5ce11e49b1c5aea01dffaf333501559edb55a31abec
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
3e14a24354718b94c97b14fc609d9402d5ca25ef997bbc340df91ebfdf3240ae
3e5523a60a0f9b0b1935adf7e840bbaca86d907f2f4b30f6051b20014b2e6820
3f472605c58920da59535b93d694d6fd86d18119bb9b7558ce22ee0f83696ce7
40ca1868966efbc5cceeb165e201f043173e5066406e386c144cc6ca12cf7af8
43aaa5d15b2345c47190d5ae50c56f4c9a0f9bb0f4507d3e05c66607d08b6a0c
45106ead645a12f7ddf9e6775ac73810783e3bacadba1521350802d6cb8a4e6b
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
455f78358a6a2f9f9f72fe54f2a30f1b2e6df65f20a882a1a7318ff5425f703c
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
4b42363366f30fef04c97f52eb3bb2bc0f8959f10dc2cd5720ee7c22c5d11dfc
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc0f7a57b3ddef4c17c94333d4fa8eaf5758c30cdb69ffe83531e517875cae7
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578a4c21f936a17e4d85b994c66aaceec5d327a1fb990dc8fcf87de2f8ecc593
5a85e8575ffc41ecbe854206a74d020e6efb3208eb5e396117b25960477792b7
5cc3913449c85f4159838b5d9b8375599f333fd14d7f66bf4a96bf9a234787d5
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
5f6b28333ff153456a548f191a3105b7d9d8dad4ad01a87aec4a48728a0f4804
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1
6419d1d9a6c49068144928b6ce8a9893f9639013fc3cf485312d03b8dd279645
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
68a0ed9bfdfd1fb7b426402b41ab30c0b2f955fb016d748545407152d2150949
68b5fc92b2f74795cdb0c628768f995a09e22206416bb79397f79c77a361e115
696d9aa7903a33103f86f27b18a63e4127b5dcb45b792d31daee9943fc87d2c4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df5fac5ddbdb208804f95f1ae61251bd30eb1b3497bfe7b4594d2bf93c905d3
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
74f45dfec17b3f6387b64c54c454f7954abdf167e10c4d0a116735f75ea2e323
7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b
7790e55be1ca0012236104d6e934841453a677cc805d4cdf393337cccce20e09
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e46bc6781cccee04a48830951988806f3ab5ff9f468c7b0112c1594ba364b28
80556728d189dfac8b1b1c57c436a3b42053f045bff185a6148bf1bc1416265d
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
80a3fff5500524d534f893805d80c239e47a21498972c3cfd83898d0ed88b37c
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8377e96dd5a60df39397d22401247e3e3c51f9121019c3908cef680ab52603d3
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
86f9152f9b5119e41166a049a5974210668f747f001d1d786cc20ce21ea49ad8
883839bf40583d474667ac1c15305748ce0edebc9a9ee6ad7ed3fe5c3b203d42
88dfea8ddaa571e6374078030cdf9deccbe1d3cdc8f7383488c0d191c2c83115
8a65b648d4ecec256df8a8341fea63ae526aacc23bc087848da35c0f37acf1b4
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8bbbc366133eebc269aa0b4c9893140db2b61666a03417b07923f8201846ed8f
8c8cb45e58fd27dc7c8bfc38bf2f9f054d5247eb5bd44b0ad11b951d1b046089
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7
95c39df4b850727258bfdabdf84c2a837a9b0497604d4339cac48345f2a5ba46
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9a02f59d86a26b369c40c5b7a2aebedeaa2508906e682bb0f6d5f6225fa545b9
9c48cd64d7266a960374c839977d4c3bb58ad12f31eeff5cbcaab57abe364bc7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a4253ee8fdd7f84329fc4b4e0c28d0fbc12d0019d2c784637ec1d108e9ef3555
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a57b89af110a4f2fe1576ccbe0c16a9bf6890ed81cc04c69f9ec9f7bb41314b1
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa5b76ca61e046c07844de24e2581bc0065ed836538b4564e162abf7524e5f8b
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ac4c88d5d589bde251a972c9d285c6776a048bc88b8d9d2baffa41c7165c7f4e
ac90c6ed9c4d9d9fc79f570cd8b53b6ab1d7aecd223c10b39acf5d40e3d85946
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b208a60eeebd44985bbfb87881d155735aa6e7ecc375696465dc0c291c179988
b2bb04c3211bcbc0f33da2a3bec381097ada44146d9d958fdfdd8ff954797a87
b6d06e1fddb6ce0d409a97b6c4f35b92b0afeadbae45a79358fd1dbbf160261d
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b8050434a090721039224e4c3a116dfa71593c3e1a64f9322aa19e3a5d01798e
bd2aef8889cfa7985515c78b0837c9380c6c15a260966dec4cd9512802d15672
becb2a48dc4383686fb43c9b64349efacd79142e7bde3d9bef45adc182e9cb19
c672cfbff40266c845c23b1d66f26f0117fb8e80b0dde3be0a2ec2a4ec8ec820
c7890c25b1680b55b8055cde4aa350bee41a2af71df575cad543f654e6dfc321
c8e356c74f1dfe7bafab639f285da42552b84c16e396d1fd90b3b7594e680c37
cdb96899982f1784dfccb19484bdbceb6f6305c0eba0e3e672d1933e0834e1d3
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
d02f9df9c5169b67b109063633831c2560bb68676bc102a7028912ee61950773
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d9f0140f43474cb9aa7fcc86f5a9f3bb8c3902134d62c761db0e5b960cb39957
dd9eea5acb86c9896e3bcf09e9aa9c94f7e9c0ac83e8de15ef1fb027f86d06e4
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e2d93b24584df8c25977bcea447ab18f21a5802bda10d2535e5a17c0a570752f
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
edc6e501b535f89438f3e8297ac75c3473b7572c433f4af0185b4a5d96ddd1ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dc0037eff91f68715c5ab301204e646b983c4d83eea2e53ea3df622349870d
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f51f710d48d3dc383dbe738701b90ef9f662e0d281599da55380e7c5dcc68941
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c6ae65375ab8a39123e5e0f45a4564b0179f79276167ed8716b569c4c1170f
f90b99b85cee8e860ba32f67070803d3a004c828c511e1c79f4db457817a07e5
fb10c1824e7873b505840d3d7f66b7827bf2227ad9cd151646a9fc0c5e6a0a17
fbba513a7024d8c2393a8cca7604bfd90a9ea53c62b8bd4bf127c2982d415cbf
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
fd89fdd5f4b6b16d5d56eb18e5798c3b38fcecb925cffe76f1bcf1e80bef6982
fe0159598b6d89955ce20eb8d8ca51fc3b53ed31ef813e0361c38ebca46589e6
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851