reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/GE486v
Submission: On September 06 via manual (September 6th 2022, 9:00:42 pm UTC) from US — Scanned from DE

Summary HTTP 277 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 50 IPs in 11 countries across 32 domains to perform 277 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 225702.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
21	13.32.99.7 13.32.99.7	16509 (AMAZON-02) (AMAZON-02)
58	2600:9000:20e... 2600:9000:20eb:2600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	34.95.67.231 34.95.67.231	15169 (GOOGLE) (GOOGLE)
35	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 6	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
4	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
5	2600:9000:216... 2600:9000:2165:6000:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.78.135 192.0.78.135	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:fc04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.236 192.0.78.236	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
15	52.68.234.1 52.68.234.1	16509 (AMAZON-02) (AMAZON-02)
7	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	74.6.138.64 74.6.138.64	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10 20	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
10 10	172.105.203.31 172.105.203.31	63949 (LINODE-AP...) (LINODE-AP Linode)
5	34.117.219.39 34.117.219.39	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	35.78.36.205 35.78.36.205	16509 (AMAZON-02) (AMAZON-02)
1 4	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
6 6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
8 16	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:400e:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
277	50

6 35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.32.99.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-7.fra60.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2600:9000:20eb:2600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.67.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2165:6000:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.68.234.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.6.138.64 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: media-router-flurry71.prod.media.vip.bf1.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.96.119.68 (Kansas City, United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.105.203.31 (Tokyo, Japan) 10 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1857-31.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.78.36.205 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.175 (Taipei, Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638::1c (France) 8 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.240.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.96.200.41 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:810::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 116601 fcm.holmesmind.com — Cisco Umbrella Rank: 125197 c.holmesmind.com — Cisco Umbrella Rank: 91402 adcdn.holmesmind.com — Cisco Umbrella Rank: 117678 ad.holmesmind.com — Cisco Umbrella Rank: 86167 fp.holmesmind.com — Cisco Umbrella Rank: 120330 ccm.holmesmind.com — Cisco Umbrella Rank: 410880 m.holmesmind.com — Cisco Umbrella Rank: 257193	4 MB
38	criteo.com 8 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 458 mug.criteo.com — Cisco Umbrella Rank: 1814	49 KB
36	scupio.com 1 redirects img.scupio.com — Cisco Umbrella Rank: 69185 bw.scupio.com — Cisco Umbrella Rank: 123502 prebid.scupio.com — Cisco Umbrella Rank: 60966 rec.scupio.com — Cisco Umbrella Rank: 138654	326 KB
35	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 76784 3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net	26 KB
30	appier.net 20 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 32146 gocm.c.appier.net — Cisco Umbrella Rank: 3894	4 KB
9	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365 eus.rubiconproject.com — Cisco Umbrella Rank: 840 token.rubiconproject.com — Cisco Umbrella Rank: 1115 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24812	22 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	270 KB
7	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14031	1 KB
7	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 303	1 KB
6	aralego.com hb.aralego.com — Cisco Umbrella Rank: 17161 sync.aralego.com — Cisco Umbrella Rank: 4304	2 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 225702	6 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	70 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	9 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 12579 geo.yahoo.com — Cisco Umbrella Rank: 1922	923 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	35 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 83618	11 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 493	57 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	33 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 638	30 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 7203	1 MB
1	alphaloan.co blog.alphaloan.co	151 KB
1	racingcharger.tw img.racingcharger.tw	143 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3720	22 KB
1	gbyhn.com.tw img.gbyhn.com.tw	115 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 822446	18 KB
1	creditcards.com.tw creditcards.com.tw	46 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 582	5 KB
1	re-news.tw storage.re-news.tw	6 KB
277	32

	Domain	Requested by
58	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com img.scupio.com
28	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
21	img.scupio.com	reurl.cc img.scupio.com rec.scupio.com code.jquery.com
20	ad2.apx.appier.net	10 redirects reurl.cc
16	gum.criteo.com	8 redirects static.criteo.net
15	ad.holmesmind.com	img.scupio.com cdn.holmesmind.com reurl.cc
12	bidder.criteo.com	img.scupio.com static.criteo.net
10	mug.criteo.com	reurl.cc
10	gocm.c.appier.net	10 redirects
8	static.criteo.net	cdn.holmesmind.com img.scupio.com static.criteo.net
7	3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
7	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
7	prebid-asia.creativecdn.com	img.scupio.com cdn.holmesmind.com
6	cm.g.doubleclick.net	6 redirects
6	ccm.holmesmind.com	reurl.cc
6	c.holmesmind.com	1 redirects cdn.holmesmind.com img.scupio.com
6	reurl.cc	reurl.cc
5	fp.holmesmind.com	cdn.holmesmind.com
5	adcdn.holmesmind.com	cdn.holmesmind.com
4	sync.aralego.com	img.scupio.com
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	rec.scupio.com	1 redirects img.scupio.com code.jquery.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
4	www.facebook.com	reurl.cc img.scupio.com
3	fcm.holmesmind.com	cdn.holmesmind.com
3	www.google-analytics.com	reurl.cc www.google-analytics.com
2	fonts.googleapis.com	reurl.cc
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	m.holmesmind.com	cdn.holmesmind.com
2	hb.aralego.com	img.scupio.com
2	ajax.googleapis.com	img.scupio.com
2	connect.facebook.net	reurl.cc connect.facebook.net
2	ad.sitemaji.com	reurl.cc ad.sitemaji.com
2	cdn.jsdelivr.net	reurl.cc
1	fonts.gstatic.com	fonts.googleapis.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	code.jquery.com	rec.scupio.com
1	geo.yahoo.com	reurl.cc
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	static.wixstatic.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	i0.wp.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	www.google.de	reurl.cc
1	www.google.com	reurl.cc
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.xx.fbcdn.net	www.facebook.com
1	storage.re-news.tw	reurl.cc
277	53

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-07-24` - `2022-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
feebee.com.tw R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-16` - `2022-09-14`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tls.automattic.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.gbyhn.com.tw E1	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
m.yap.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-05` - `2022-12-28`	6 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-12` - `2023-01-04`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://reurl.cc/GE486v
Frame ID: 1ED64E8D0C5B7060B28F8C9997B0D7CB
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 6AA0DF0D403F4BB50A8C1BF4BB7ED689
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: AE8B6DA57126E2D7E9D6C689024ADCAF
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 1463C2F9FAC06AB1246D46902E5A32D9
Requests: 32 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: BCACC93971DDDE70F7A498DAAAD76DE5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: DEC19960F2502E919EC5D2F8C9D9C5DB
Requests: 21 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 74D669735A2C275FCA8E270DF2AECDDE
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: AC1C0122E70D66BCD24BD03C2647AD94
Requests: 17 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 0461B117C63FF78DC93F1AE648BBA6EF
Requests: 16 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: 0AE2EEFA17414C19AC0454866C9F5449
Requests: 4 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 0586223D7FDE40AC97AF2C5D197D841C
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 9785D5C2FFE35C5CAE9B566A6EB16983
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 70F98D97F8698C8B73478B4F46C05E02
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 8E2A1F1388BE1E0ADA4D1EAB1353AA8C
Requests: 14 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/tmp2/1.js
Frame ID: AB48BAE50DD18A1760D5B6753109775A
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: C6ACBB78CC1C7D68CEE6786186D67C06
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 774A944A10545987D5E5AA81F8EDC684
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: C1B7400A75563F8BC5354A4834C7C07C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: FACEF31B70A14EEFBF2BCE19C2C3A886
Requests: 26 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 38F414D38A9A6D6E8A7441124D3C0200
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 508D69F2DFE7786C68CDB24C41A4D039
Requests: 25 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 34F165F7D08AD9962495B2DB53172716
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DD02A2CA67BED43B426E425CB1E6691F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 5C028B50357A32047D0282D2D7229F60
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 2F2F418E0A6750B774DE6F4DDE4B2559
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: EF07F984784FA03F27B311CDB45C4A79
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Frame ID: 1CDDD6461BA8AB6C7AB348FF91B63C5A
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 36FB397975A9095F3F0B145ECAA45DE4
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
Frame ID: 5A1EB1DA4E328B0B293DBA81CE64A35E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: D1CE56D07E96D998A7B8D9DE87ED5306
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 1392034640E42B46976096EA07D90F0F
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
Frame ID: B1834048003EB8A77C4447CACBBD1AC8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 44EBDC30D87791BD4124A7DE0B4C540C
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: 0A1F44BB17C32E4BAD2027A0C5B330E5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 8EEF3F9A7695FC1A880B888E827501DC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 55A4A84FDB91B1459DC070DEAD1B899D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: FF46FC8495C334FFB9ADF93285488175
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 94673EEA58852AA619859D3565EC6D99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

277
Requests

91 %
HTTPS

40 %
IPv6

32
Domains

53
Subdomains

50
IPs

11
Countries

6759 kB
Transfer

8490 kB
Size

31
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/235498

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/3861830_XG61830_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/42110

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/7099

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/31532

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/24976

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/62ac3baf046fbcdeb316da93

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 83

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=9_Le8S1yCmukUC-Y-LQXYw

Request Chain 84

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=EPkjV9C5CXKIgOLK-LQXYw

Request Chain 85

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=TtqK2hUWAeyqWHAm-LQXYw

Request Chain 86

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=JHqzFV3QBmiClqad-LQXYw

Request Chain 87

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

Request Chain 89

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=cmF6CO5JC8GyRJ27-LQXYw

Request Chain 121

https://rec.scupio.com/recweb/js/rec.js HTTP 301
https://img.scupio.com/js/rec.js

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEMnDld1NMlGJ58RKL-iTrYg&google_cver=1

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEBC_H0KXYxuLTEe4DWAiEJA&google_cver=1

Request Chain 175

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5QKxQXwveDMwa201TzFncXp1dEVQbDl0MzN4R1p4blB1SGhiTVJNV1ZyaVRZRGhOaDBtVGlOaVo0RHNEWWd5dXZJeDg2T1QxQ0pNOG1uRWJhQ2dJWWw3ZlVyV2w5cUlHUW9OVTVpbkdKYStuNzZhUWtZK0lHSTVKUFRLZzFmcjZ3cE1Nd1FwbU10VXRGZ2doVjdmeWIwd3NXeWhUNVJSdHdRWTlaSEI5SzFIcjNLRXhtakxKc3g4K2MrK0d3WEFqbkpJR09WZzNPZ2ZlQ3lMeXZUMnBmczdaeDBpZFVZUTNhUmpDbFN3VWc4RDBJTGE0TFd0TVQ2RXVMVzBFK2wzWGFLZmRHRlZsdnQrZnQwWXpLN0RnN0VXK1hidWdidU1XRDJ4dk04cDNiVWYyUTZ3az18&cppv=2

Request Chain 176

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DeLwBHxXbTY1czJjYzVtVnpxNUo2WCtEQkN0eGpSbmUyRHRPTUQrazlBZ2dCcmlRMzJzaHhxakZ4Z3QwZDlRVTloNEpVLzJKQUk0QXdJK3JydFdZUTJ1UWlxckMxYzF4b2xWOW4vOHAxeURMWVJza1ZaN25xYkxLaTluREoxVHcrcmR5L3l0TFNYa29QTUFWMnpIckJrZFRGT0xHdi9waXErOWVEejVZayt1dm55WHpDdjl0c0RMdDl0aG4rckRRaVBpVVFiUWdyN292ekZ6NnNML3dXdkhaZVVSaUlkSVFYb3pISzJ3b1FhbE9QaklCR2k5cENYb1JhdVMwM3g5MWg0dnZ2VExmbWZXUm16ZlE0Wks2aVh3SkpPSDhTNHZjcURtRjE1UWlhTzVhb3JOST18&cppv=2

Request Chain 179

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

Request Chain 195

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMjA5MDcwNTAwNDAzODI4NjE%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0

Request Chain 219

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q09BMjAyMjA5MDcwNTAwNDA1MDg2OTI%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0

Request Chain 224

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 234

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

Request Chain 235

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

Request Chain 260

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VZt7Y3xTMDRPTlZKT0x1V3lPNWEyWTZEOWJpRVlQcjE3ZXFyQUo5N1lzenhXdlBvK2k2a0dVVWpvMEMxVkM1OUdqbFAyZ0UyZngxamVsc0RQN3pRL1p6WFBSd2x6VXNYdzZkWVU2MHJ4ZkhMZGJ3blZsR3h2Nytnb09yUEYzSFVWSHRQWUNGdUIxMnp5dktUS3dPV2syTFFFN1FqaDEzdzcvV3lPd1VKZ3RpcmJ1VFByNWM3c2JxQTNCdllIcmhUa3FnUE9uTURhYnp1VlVMOEpaME1TMVBtV1JhM2U4VFRBQitvL2J4T05ZazQ5UWVxY1pwenY1MTRlVCtFR2pxRFRGbHJwTzdBSEZ0cUUwc2VwdVRuRFlQWnB1dz09fA&cppv=2

Request Chain 265

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReENEaiUyRlVRaUgxWWlaNUJOaGtJeldDd1NzVVg4dDlnZE1JdVdXZEslMkZ5U09INGNzODRzalRBVnE2VGpKekNUbzh4andVJTJCeTBWTVFFQmZvdzhFNFc5RUt1YSUyRnNvZkRTZW1BJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rZznRnxlVzk2aVdmV1hNSVh6WGxneXdObHZBRWtjWFFlWkQ1S09aUHpqNGp0dHRETGc3K1E2NWZqUlp2ZTJkeWJmMVUzQmptdWZBQ2tWWFR4dXdqUGRsNi9WR3ZJdGNWeXVOcnZnVWV4UFppM3QwZTVPNDBZR3BTSnQzbVBMUy9OM2V6eDJSdFFscVlKWFdlY3dXY2prQ2lkczBBYklhR3pOTnQwUTA1SmdaQVAwT3VpU09Qbmp4Sk9PZFJRQ2w3WFI1dUhiZHBkMjFLY1MzUGZvaDRvNjZuQzJDM2xRakVHNVQ3SkI3OGp1b1RjVjd3NytGTTJ1L3BzREJMNHVaU0h0WkJmaEhuenl1S0E4cVpjQkZDZU9NWWtmQT09fA&cppv=2

Request Chain 266

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReENEaiUyRlVRaUgxWWlaNUJOaGtJeldDd1NzVVg4dDlnZE1JdVdXZEslMkZ5U09INGNzODRzalRBVnE2VGpKekNUbzh4andVJTJCeTBWTVFFQmZvdzhFNFc5RUt1YSUyRnNvZkRTZW1BJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gJI9cHwwYVRIS0dZUlRXSXBCYkQ1eUdPaEtNdTlCdkcxYzZyd3V0eWFOR1hzY21nUG14YytNWWpnZDFTU1dlKzRLWXRla0ZqUmlqbngycitlR2pXbDhGNUNLeVhGa2grbnpvWThOUlcvNzM0QTczZTlOZUlwRWVBQ09TbHhTbjYrOWZpQ0x4dkVGUHE4b0FncDZZODdTOWlXUGd6bmg3aVpzcGQwYzJYUlF6bndaWXBOcFlXY0lPNlNCVWVrNG5CZGhtdHczdUh6eThiMFZjMmQyMXluY3BXUER1RStnT0xTejlSaVBlTCs2bWtjSlRxbXVKWlJENHJHM2M1MHkydjMxZzI1T3Y3MUwrU0dlSVRFcWFRUXIwbC8rZz09fA&cppv=2

Request Chain 267

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReENEaiUyRlVRaUgxWWlaNUJOaGtJeldDd1NzVVg4dDlnZE1JdVdXZEslMkZ5U09INGNzODRzalRBVnE2VGpKekNUbzh4andVJTJCeTBWTVFFQmZvdzhFNFc5RUt1YSUyRnNvZkRTZW1BJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qRTyLHxxdUg2RHZzcmpyeGtZRCtHc3pvUklQWUFudlNkRGZMOEUxRU1XWWRWSTErZDlYU3A2aloxdXRrTThGQzVZUDRiQXpnYzhpMncxZHFaVUJMVHpuS0ZGZ3BsSnlCV2cvMFBuaEkremlmRmh2emtPWUJDQ21MeFRERjVMSW5lNi9aUkVDblNQUTVTdFZ1d3RjcWJISy9odUZXRzJadFFBcGVpT0U1aUxXVTVDcUk3QXZaYzFoNUVNa2xYL3l6U0xmOU1qTk8zRSt2N1hSNUFJR1UyVG42eUxOMUJuUGdUNXpJQ0NZMzUrM2hNZnhzd1lUTkhvc2ErVnFadUdlbUJ1bSsrQ0ZnS2k2aFBQT1B5K1ozcmQwTWZIZz09fA&cppv=2

Request Chain 269

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=PdoQB3xQVmlLcTYwQisyOC9xREpNaWloRnJibGVvTU93UmRscjhZZmRVQUFoa292SWtHRXI3WFBUM24xL3NUWm4yaGR0aVM4akN0Z3piZ2hFelhaN1g5YVRlempnS01IdS95eVI4WXpxUkh3RlUrRnlRZUliL0hBemdCZXFKNzBORnJzNWVJNFFrV0phcHl4UStvY2daTlNFM3YwNkY2eHkxTFJTMkN6U25uR0hFNHB1ZzVTc1Vqd01UYTA2ZVQ1bDNzWHFvalNlZ0N6b2JSajNONWkxVWVyWkd0eWljVDZQNDgzM2wyWmpwU2tzVVZsT3Z3VUtPQy8zQVYvYitzT05Ja1EvWkc4L3JITlZxTjVneHYrdHR0alY4RGZRQlVENGM4S1A5ZGhXaVRqYmNhQT18&cppv=2

Request Chain 273

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=M28YvnwrWUxLOVNueFIwTUhiZWhwaE1DN05MNHVjc0xWYWpsdDQ3OXJhWk4vYSt2U3JKQ0VkdXNFYVB2eVZ1eHRSOVBldy9ZNmNUQlhFbU1ReklieHFiTC8wTmxTb3dUbjJFR1RmM3dYOTlzMW9Ja0VyS3A0WkVmZ3RJRzY2cE55Z1BJdzRlQVQ1bjBzU2pCalVHUUpLQmNSYUVXYm5zUFFnU1AxdEpJdE5VbkhBeG5DUEsrbW1JakVHbG1rNkI1WmtveUNGdndONzd2MGliZGkyR1FhMWx1WFNQMUtyT2JWN3ZzY2RxMXBrc3piY1pqRHJhb3V4czdjdW53Yk5FNmpMUzFrNnJqc3hYd0l6SE8xaTdJdzh3SnFaVjFEZ3lSbTF6cjVkMlFpeSt0dWtNND18&cppv=2

277 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request GE486v Show response
reurl.cc/ 7 KB
3 KB 3035ms
499ms Document
text/html 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b7049cdcc87c915c4b9d589c9a2cae164c0125bb09dc416336cc442c8901000e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:37 GMT
server: nginx/1.18.0 (Ubuntu)
target: http://3k1.ru/y77fs
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 93ms
34ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14643511
x-jsd-version: 4.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8gHpyJpB5U6uQLTNZoseNOHO6D1ji6XNa%2FQiP%2FXUSK4D4jPIUXD0b27TmKHHqxyHxNBF7BoxyBrxSBbebUvHBXlF7aefSS5%2BC8BAL012pKr0inB7xaIGXnCl2lmhj1f6gv6%2B2kmbBiiu%2Byo16E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 746a229f3ca301f0-ZRH

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 3 KB
1 KB 250ms
248ms Stylesheet
text/css 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e54e601faee15c866fc80659f34bf9b78048d72901b77795bb0109d4fdabccf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/GE486v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 09:47:30 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62e109b2-dae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Wed, 06 Sep 2023 21:00:37 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 470 B
559 B 250ms
249ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/GE486v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-1d6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 06 Sep 2023 21:00:37 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 309ms
17ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:10:17 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 13821
etag: W/"5d0b49e9-4488"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Wed, 07 Sep 2022 17:10:17 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
24 KB 135ms
21ms Script
application/javascript 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:58:05 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 01:25:49 GMT
server: nginx/1.12.1
age: 152
etag: W/"630d671d-12f90"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: pkQZo8Wqxsai8cxpaL36b88NJBF_aoN-gRf6lL5YTXngzxGEO5vR4Q==
expires: Tue, 06 Sep 2022 21:13:05 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 129ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 27
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:25 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: PhdabRe3i83cotvmJVBEfyx7t41EkVigpbHV8jBSg3mJgLZD6pgudA==

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 110ms
52ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14643493
x-jsd-version: 2.5.16
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19132-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJU2ihR4izVr7an%2FQuKgsI1Y6WC0lGOLxLPBI22vomaPt1hqeuztEw%2FtfHAymGix7oj7yG%2BFu6eBoXgSBBkG4QcUNLmbVTHs71mOsNf90nLtUDCHx0ZeV%2Fs01IGsdAdnWYjJTCyG7rgoWdmnldo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 746a229f4ca601f0-ZRH

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 698 B
561 B 250ms
249ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/GE486v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 00:38:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62731c89-2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 06 Sep 2023 21:00:37 GMT

GET
H2 200 loading.js Show response
reurl.cc/javascripts/ 240 B
370 B 251ms
250ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/GE486v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 06 Sep 2023 21:00:37 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 618 B
588 B 251ms
251ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/GE486v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 12:16:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"623c6110-26a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 06 Sep 2023 21:00:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 63ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload; includeSubDomains
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: 1FuAhDt0Y8mnYfhdDykc4viXoQONKDen/Eue9tYFYIpMwM3Tr2AL43Ba9fippWJVKl2bp2Ix4BquuxeJ5sVkSg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 21:00:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 6AA0 15 KB
9 KB 195ms
139ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9eaa8e440dc9f4343f2aa648b5cf6aa13cc19ff55854dcc4f4619024e5a26bac

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 06 Sep 2022 21:00:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: k0Ha/k8Z+LL/FVSN7p9TkZ+KMCQndBWmzVz2RT6ciBq+dKRlTvMNfXz07lDT7cFtFflX40+vo7xFfD6rdCcPog==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 5 KB
6 KB 348ms
284ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 12bc83cd3d7f1a3dc4371c98bc05d1daaee800370ad2e9219afa7d41550d2de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
via: 1.1 google
etag: W/"15d2-7nHNpw0dw+8dC3i3q5RtnZlCk+Q"
x-powered-by: Express
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5586

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7117
date: Tue, 06 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 06 Sep 2022 21:02:00 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
8 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb0ab8c1bb463aa6686113cc735d51bd33d1f78dd8c303d64e6a9353198610e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7242
x-xss-protection: 0
pragma: public
x-fb-debug: Bz8W8Hp3Lxr4Xy23BWhY+ONPY1XShdSx0+zQHXUt9O2615uXb8tlBP63q80NB3MbznhYUFEB6O7b0gUoNVK8Dg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Sep 2022 21:00:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame AE8B 5 KB
5 KB 17ms
16ms Document
text/html 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44
content-length: 4730
content-type: text/html
date: Tue, 06 Sep 2022 21:00:25 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id: T-DnV8DXxnyfXn2rdRWpHFMwIXpqdbUFBVL8vr-wXOHS8jZvtXM3NA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1011 B 17ms
16ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 13
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: OR2sD5z4BMYbcEsIA9vQlewJzGWKOHM1Ugfi5ugQE77ZeBUuhDHzlg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 1463 9 KB
10 KB 25ms
24ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
age: 13
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: PbEil4aqMouuRbyIFkXvTtH5hUtH24SM5WGvKc779-V8atd9d9Zhxg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame BCAC 9 KB
10 KB 18ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
age: 14
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: pJvhsFLFnbyn2s2vsSC2y8s84pKG6fDURhlj8-ZLIUPBosXY6qBJ2A==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame DEC1 9 KB
10 KB 28ms
19ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
age: 14
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: 8nG7KP61m-oNTqIg5c5zN4xTA6eXDf8AqtcdMDVyoIie3f8iPYNzHA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 18ms
18ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FGE486v&rl=&if=false&ts=1662498034453&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=28&fbp=fb.1.1662498034451.1018877470&it=1662498034364&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 06 Sep 2022 21:00:38 GMT

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 74D6 39 B
191 B 982ms
114ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:38 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame AE8B 5 KB
2 KB 961ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:38 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame AE8B
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
510 B

438ms
134ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 06 Sep 2022 21:00:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
867 B 354ms
317ms XHR
application/json 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9478e704767afc0805e5a7d79aec5a4a1d5a2279d3a3418f885b42e234284d8d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 02:20:45 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
etag: "6316ae7d-1cd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: hKKqTjXY2GCU6Zp_yTTCbGYqhcTpFQS0vHtf9Jbn0bEs8_1a5rapUA==
expires: Wed, 07 Sep 2022 00:00:38 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 1232ms
296ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.504875358835666
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:38 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame AC1C 83 KB
22 KB 20ms
19ms Document
text/html 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2109
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 20:25:29 GMT
etag: W/"62fdf772-14d93"
expires: Thu, 06 Oct 2022 20:25:29 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: ZBnB1XA1Y9YmE96tjHumOekbunU4pjMGGRsK2RLLYjbnyHN0O-cU7g==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
867 B 332ms
305ms XHR
application/json 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7e3aebdf717e37cc765a6f4404cde0d200e7b8f62d4e0c9922a318b544979bf5

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 02:20:45 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA60-P3
etag: "6316ae7d-1cd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 461
x-amz-cf-id: wKt5LbDGC2dFe9lBFHhvsFey4DNoJArFONNGFn07napjBHITtYGERw==
expires: Wed, 07 Sep 2022 00:00:38 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
710 B 1233ms
296ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.9486825598598398
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:38 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 0461 83 KB
22 KB 20ms
20ms Document
text/html 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.65
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2109
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 20:25:29 GMT
etag: W/"62fdf772-14d93"
expires: Thu, 06 Oct 2022 20:25:29 GMT
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: heSoh4pMgMky_b3KxeuRUPO7SOqmd4Hs7nOX_6l2XCiNb5TBW93dlQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 60ms
27ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=982380622&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FGE486v&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=180174944&gjid=952538385&cid=326867546.1662498034&tid=UA-102456694-1&_gid=247661743.1662498034&_r=1&_slc=1&z=2095166124

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
19ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=982380622&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FGE486v&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTQ2LjcwLjExNy4xMDA&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=326867546.1662498034&tid=UA-102456694-1&_gid=247661743.1662498034&z=33783484

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 05:19:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56451
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 1463 756 B
683 B 744ms
561ms Script
text/html 2600:9000:2165:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: PMO50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: ieLRF7AJqZu3cqJh2Tf66FSDXxhFDn-BQ64TTm1IOvjI_nnK4oo2Tw==
via: 1.1 4c07b65445d8f2f871e7da9c0d911de6.cloudfront.net (CloudFront)

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame BCAC 575 B
634 B 747ms
564ms Script
text/html 2600:9000:2165:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: PMO50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: etsH3Qn0p1NAxGgbom79Bw3wkNeeCt_hp_cT2kWbq4BjCp4gxt0UAQ==
via: 1.1 4c07b65445d8f2f871e7da9c0d911de6.cloudfront.net (CloudFront)

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame DEC1 760 B
686 B 735ms
561ms Script
text/html 2600:9000:2165:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: PMO50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: MqNBSP_VTnU67bWR55Oe3Zm82d5w8bu3gjtplXbkYXEnj5sUoK4VMQ==
via: 1.1 4c07b65445d8f2f871e7da9c0d911de6.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AC1C 95 KB
34 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 04:26:49 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame AC1C 236 KB
83 KB 21ms
20ms Script
application/javascript 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:56:44 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
age: 234
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: F6srcKpkQY-5kE5qLvJ_AoO4uoBuNp88VHZdZF7RHF1I-noceuaMLQ==
expires: Thu, 06 Oct 2022 20:56:44 GMT

GET
H2 200 FkQjqY8x90V.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 6AA0 19 KB
5 KB 96ms
28ms Stylesheet
text/css 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/FkQjqY8x90V.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vjh0jDgDzAEgEL+5WMIAaQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5034
x-fb-rlafr: 0
x-fb-debug: 0TXyPhk/4ge2xeVESX5o9siNIFNLKXqO7uVB7iUz1WTTiu03fZIUL2Tc6Mt7RP8Au3S1YMnNmdAPSnfk2YARqg==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Sep 2023 15:25:03 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 0461 95 KB
33 KB 70ms
37ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 04:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 04:26:49 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 0461 236 KB
83 KB 29ms
29ms Script
application/javascript 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:56:44 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
age: 234
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 7nbUMi0yyD1YVXeYesSrWB54LZfLk3R7XTV3_u6zJIQR88ftOnVywQ==
expires: Thu, 06 Oct 2022 20:56:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 108ms
30ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=326867546.1662498034&jid=180174944&gjid=952538385&_gid=247661743.1662498034&_u=IEBAAEAAAAAAAC~&z=562031398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 06 Sep 2022 21:00:38 GMT
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame 0AE2 15 KB
5 KB 320ms
12ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:51:35 GMT
via: 1.1 google
last-modified: Thu, 29 Aug 2019 10:21:02 GMT
server: nginx/1.12.1 (Ubuntu)
age: 543
etag: W/"5d67a70e-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5256
expires: Wed, 07 Sep 2022 20:51:35 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 94ms
44ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=326867546.1662498034&jid=180174944&_u=IEBAAEAAAAAAAC~&z=447245574

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 91ms
40ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=326867546.1662498034&jid=180174944&_u=IEBAAEAAAAAAAC~&z=447245574

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 %E5%B1%88%E8%87%A3%E6%B0%8F%E3%80%81%E5%BA%B7%E6%98%AF%E7%BE%8E%E3%80%81Tomods-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4%E8%88%87%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%...
creditcards.com.tw/wp-content/uploads/2022/09/ 46 KB
46 KB 806ms
266ms Image
image/webp 192.0.78.135
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2022/09/%E5%B1%88%E8%87%A3%E6%B0%8F%E3%80%81%E5%BA%B7%E6%98%AF%E7%BE%8E%E3%80%81Tomods-%E5%84%AA%E6%83%A0%E5%8C%AF%E6%95%B4%E8%88%87%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac91914ff217a1e51a8db3171a0f689fd3577d72a5e926b9179b90a694355b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
x-ac: 2.hhn _atomic_ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 47128
x-nc: HIT bur 7
last-modified: Tue, 06 Sep 2022 05:59:59 GMT
server: nginx
etag: "bc6c30d6275666c5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Thu, 05 Sep 2024 17:59:59 GMT

GET
H2 200 MIR4_Logo.jpg
mma.prnasia.com/media2/1848100/ 17 KB
18 KB 167ms
92ms Image
image/jpeg 2606:4700::6810:fc04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1848100/MIR4_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d106b52be51cceb76c964d7b72f98a4e57ecfa07e6c47377adf2e3816c5d94b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
cf-cache-status: HIT
age: 54707
x-powered-by: ASP.NET
server-timing: intid;desc=8f134a4b5fffbd1b
content-length: 17691
last-modified: Tue, 06 Sep 2022 05:48:16 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 06 Sep 2022 05:48:17 GMT
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 746a22a3a9c001e3-ZRH
access-control-allow-headers: Content-Type
cf-bgj: h2pri

GET
H2 200 1662422021-f3209ebff21994087b494235b19bf911-840x525.jpg
img.gbyhn.com.tw/2022/09/ 115 KB
115 KB 640ms
49ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2022/09/1662422021-f3209ebff21994087b494235b19bf911-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef589598a2e7f53b2d64dabea0957822a6ee33e921023cafb6b6bd78ff125074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29982
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117413
last-modified: Mon, 05 Sep 2022 23:53:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqQ9iAmlWCMIL8ZBopyysvLrkCOqLiXwXb5DuYJqkvry%2Bispr84JkwdjbjmWKGvpYVB0YvSFp7dsfdq7foVa4cfpF1w3Udr3jpqOcP6C4rXz4oMZJufqihdxb9LHI7JLIy3Lproj%2FDjyyDv1XJgv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 746a22a6eaa48397-MXP
expires: Mon, 12 Sep 2022 23:56:25 GMT

GET
H2 200 Picture1.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/08/ 21 KB
22 KB 79ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/08/Picture1.jpg?fit=554%2C322&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2dc59097a75277176a58499dc9c118020ec37976f392b96a76704ed444fa2396

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 06 Sep 2022 21:00:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2022 10:13:33 GMT
server: nginx
etag: "d5ca0b30c42846af"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/08/Picture1.jpg>; rel="canonical"
content-length: 21854
expires: Wed, 04 Sep 2024 22:13:33 GMT

GET
H2 200 2022090113263354.jpg
img.racingcharger.tw/wp-content/uploads/ 142 KB
143 KB 120ms
34ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022090113263354.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909b56c47451ef73e3685930dacaf27a007e65b1ab2e46bf2fafa2f8766007cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 13:26:41 GMT
server: cloudflare
age: 543
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmxJly9zF0YTKW%2FzQr%2BvBe1GM1k7K9Kd5lTa3pPbfEmk%2BnlSvNYR%2B8Tv3aFvwHG67dKB7rWOVUoxieVSIgkDbS4wD2WKjY0HIrlySd3loWaL%2BsA5x8O25L0Roj6CExuWFUxUwDV6LBxwWYm5BjYaq%2BdAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 746a22a3ba00bab2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145772

GET
H2 200 %E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg
blog.alphaloan.co/wp-content/uploads/2022/09/ 151 KB
151 KB 244ms
154ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/09/%E8%A9%B2%E5%A6%82%E4%BD%95%E6%8A%95%E8%B3%87%E8%87%AA%E5%B7%B1%EF%BC%9F-.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Thu, 01 Sep 2022 07:11:29 GMT
server: nginx
etag: "63105b21-25a43"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 154179
expires: Tue, 13 Sep 2022 21:00:38 GMT

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 1 MB
1 MB 421ms
24ms Image
image/png 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:56:10 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 1850668
etag: ""
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 1235774
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer: 2DR22hhnFLJ1npvPJrvNjedjOwu
x-seen-by: image-manipulator-556498cf55-xxzhm

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 0461 108 B
506 B 42ms
25ms XHR
application/json 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 20:57:21 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:15:04 GMT
server: nginx/1.12.1
age: 197
etag: "63179c38-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 108
x-amz-cf-id: WU1ImuuhZSSeKSeTfmrmZzemLulPfhguHWXsff_weJSS02_nGEsR8A==
expires: Tue, 06 Sep 2022 23:57:21 GMT

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 0461 0
176 B 514ms
170ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=07701f58-f490-4c42-8920-9736fa6ad775&u=https%3A%2F%2Freurl.cc%2FGE486v&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=331d2e3a-8396-4355-ae40-cfce04e63204&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:38 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0461 0
216 B 155ms
30ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=50618602505

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0461 0
176 B 518ms
172ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 0461 0
218 B 870ms
319ms XHR
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1662498034664&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 0461 2 KB
2 KB 1242ms
311ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9148587112284421
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a5134f687b53b742d80e3b05c9d8c13e22317b41460c75584fa7848906da514c

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 06 Sep 2022 21:00:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1365

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame AC1C 108 B
496 B 19ms
18ms XHR
application/json 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 20:57:21 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:15:04 GMT
server: nginx/1.12.1
age: 197
etag: "63179c38-6c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 108
x-amz-cf-id: k50duFbeJ8sXKuVKhd0A9ueVw9Yn3r79KkP3utN5V9MPrfqdmfKblQ==
expires: Tue, 06 Sep 2022 23:57:21 GMT

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame AC1C 4 KB
1 KB 1045ms
521ms XHR
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1662498034646&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e1e2d72a187975f4e4997055834a0ae712d4831769904eeb5e3b6c8cf160095d

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame AC1C 2 KB
2 KB 1234ms
322ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.521541979665155
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0baf1cc5a1cdae91830fb8b1bd2688fa266ef5820d8670f9e520ebb629936622

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 06 Sep 2022 21:00:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1432

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AC1C 0
215 B 125ms
31ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=28040460368

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Sep 2022 21:00:37 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame AC1C 0
176 B 484ms
167ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame AC1C 0
176 B 449ms
136ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=07701f58-f490-4c42-8920-9736fa6ad775&u=https%3A%2F%2Freurl.cc%2FGE486v&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=246b2bf4-7c27-460c-ae77-a93627846842&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 06 Sep 2022 21:00:38 GMT
access-control-allow-credentials: true
connection: close

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 0AE2 78 KB
30 KB 161ms
29ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 8T47DAD0FQE1PKHF
x-amz-id-2: 08l/9aTaCdKjOMCPEPJiJpr78/B1R85lHK2TXTLk/hQo2oE1UOMWA9EZTkuyTSOIY5hNigi+6SU=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 12:02:57 GMT
server: ATS
etag: "7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0AE2 290 B
477 B 828ms
138ms Script
application/javascript 74.6.138.64
YAHOO-BF1

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FGE486v&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

media-router-flurry71.prod.media.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ Frame 0AE2 43 B
446 B 295ms
46ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:38 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame DEC1 2 KB
1 KB 489ms
310ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=320&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 085646791641d04a5d40e50017fd92643f2be5eb4e03b6e250d78dd4d6bdf13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame DEC1 3 KB
3 KB 42ms
25ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 11
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: LmM6gJ7oNDHjJroaA8CXPe97KN01gLd0pm3b1KJJrHAtn7Omfyo1PQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame DEC1 119 KB
39 KB 172ms
80ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
server: nginx
etag: W/"63041db4-1ddab"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:38 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame DEC1 2 KB
3 KB 39ms
23ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 11
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: s9o4WSFuSSQW-C8crOFdKxvpHjQuk_HEi9D5UKHUTWmtOxmTQAr0jg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame DEC1 4 KB
5 KB 43ms
27ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 40
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: jzyN0Vp_iiNIi5NmpuagoRhgjHZhch11hnY7oArcSV2n8ezztfGw4Q==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame DEC1 3 KB
3 KB 36ms
21ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 11
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: pYOzYEpBslF99sVNwa-BG1fV-prl4dAOO1ViYZQwALnjERLfGfHBzg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame DEC1 3 KB
3 KB 39ms
24ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 59
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: kof7ypa_Dw2_tlb5-icd11dksBA0JAKYTnyNaXpX8eLmvIF4fxpxHw==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 1463 4 KB
2 KB 496ms
322ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=191&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6d68e9266b16c730d260aa7d3b6c9cb0631c399e55f25f42a3cbc299b1e178a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 1463 3 KB
3 KB 37ms
24ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 11
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: LMEdXvoZaie3ISxmnDbOCPec9eH8te4Fv3vqjrmjlu_AHwFod9oycw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 1463 119 KB
39 KB 141ms
53ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
server: nginx
etag: W/"63041db4-1ddab"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:38 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 1463 2 KB
3 KB 35ms
22ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 11
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: mnstI38PUsy5y12zpUx-ltJxJqs-793imfmdGrxpaDy_xElxw0-Grg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 1463 4 KB
5 KB 38ms
26ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 40
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: dfFf1cw3MM10dJ9qAE7_HsW_B6ztv_Kuo6ZByPFkIXy6l_xutWpJDQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 1463 3 KB
3 KB 32ms
20ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 11
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: qaUdWIeulIs8mz-NiqztgI90SYy9BsxRuDWLPAaUzLW6hs8Dv41Bwg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 1463 3 KB
3 KB 33ms
23ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 59
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: 1WkNl6uH_dNjlDTYTygEQWYHqoWWHWhi1S1Mk16T1IFat0B16z5Zjg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame BCAC 2 KB
1000 B 485ms
318ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=214&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1821ca54d1a850d205fe0aef50fe76f12015c5904df8beb2ae6d354037e25a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame BCAC 3 KB
3 KB 40ms
33ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 11
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 8zMzzAcEtSmB2eZLOQOb7Yg3J1oQZotDgL7DYJzEN31Sl6jmg3KL-Q==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame BCAC 3 KB
3 KB 41ms
34ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 11
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: KSsAXf4MJpB0pU0pB0JrYtMopAerHVS1rJpg5aG1yu_LbSrM2s50dA==

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1463
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=9_Le8S1yCmukUC-Y-LQXYw

2 B
19 B

362ms
289ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=9_Le8S1yCmukUC-Y-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=9_Le8S1yCmukUC-Y-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1463
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=EPkjV9C5CXKIgOLK-LQXYw

2 B
19 B

363ms
289ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=EPkjV9C5CXKIgOLK-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=EPkjV9C5CXKIgOLK-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1463
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=TtqK2hUWAeyqWHAm-LQXYw

2 B
19 B

1415ms
1414ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=TtqK2hUWAeyqWHAm-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=TtqK2hUWAeyqWHAm-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 1463
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=JHqzFV3QBmiClqad-LQXYw

2 B
19 B

381ms
380ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=JHqzFV3QBmiClqad-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=JHqzFV3QBmiClqad-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DEC1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

2 B
19 B

1415ms
1415ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 1463 0
170 B 179ms
172ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DEC1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=cmF6CO5JC8GyRJ27-LQXYw

2 B
19 B

1418ms
1417ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=cmF6CO5JC8GyRJ27-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=cmF6CO5JC8GyRJ27-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DEC1 0
170 B 245ms
239ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:39 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 1463 2 KB
2 KB 1006ms
303ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8552887204248045
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b9f6ed295d351ab2c7964cec5a106c7435601603eedd63bff18c196e1a24a3d2

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1362

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 1463 2 KB
2 KB 1133ms
297ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.12018288637580055
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bd215cbd7233a9bfa56a60648a8ff578f2dd671c00f37dc339461a23fcdb2b7d

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1369

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame DEC1 2 KB
2 KB 1154ms
314ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9351646462951404
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 24ba31ccbfb5709ce541b68a17aa6ff2d015b6a0f9cb1524a8dc14ba3403c442

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1364

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame BCAC 0
170 B 242ms
238ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:39 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1463 177 B
425 B 26ms
25ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=71957959872

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5c87ead41a855475e029b6138a4ea64e055ca9ed4b526448e84315b12ab6a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1463 177 B
425 B 27ms
26ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=11890553926

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

62f41c7f63454005f4800d45e171aae730d3f9c0b3bfa31f33ceb1575cb3196d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame AE8B 37 B
407 B 296ms
295ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

ddac8b8ea8b6867489f0328aa21226910dd72a57a54d6fa16091dc04ad14f941

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame DEC1 177 B
423 B 44ms
44ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=97784716075

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3b94cf02b3aa5a29d83f458d7178a7f8e12a750ca9780ead6e788902ec91232e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 161

POST
H2 204 events
bidder.criteo.com/csm/ Frame 1463 0
209 B 45ms
23ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame 1463 0
209 B 48ms
26ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 0586 0
249 B 369ms
284ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:39 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame DEC1 5 KB
2 KB 290ms
290ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:39 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 9785 0
82 B 374ms
293ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:39 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1463 5 KB
2 KB 298ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:39 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 70F9 0
82 B 361ms
285ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:39 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame BCAC 5 KB
2 KB 296ms
295ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:39 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame DEC1 0
209 B 27ms
26ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:38 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame AE8B 30 B
278 B 305ms
304ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame DEC1 10 KB
10 KB 24ms
23ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=320&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 11
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: nftTpywuvm2Z1dA-pf3ZQVySQouWPOVtT-icFWs737RvgnZoGNDmZA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame BCAC 10 KB
10 KB 23ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=214&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 11
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: EjiP18jEkgA8v5k_OE-KKwjZRcgqKKuGXMxvucz1UBH9R0vAUfU1Eg==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame DEC1 36 B
399 B 319ms
315ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame BCAC 36 B
399 B 316ms
315ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1463 36 B
399 B 323ms
323ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 1463 10 KB
10 KB 43ms
17ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=191&o=1&d=1&b=2&ts=1&ii=3&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 11
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: nKfK3Tx4lpySrMCTN4USYPA_gex7DPX21xI9fDeHzYKxhWIPoB8hvQ==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ 0
214 B 970ms
390ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52662%26Tags%3D2200%2C2198%2C2196%2C2188%2C2199%2C2197%2C2195%2C2187
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ 0
214 B 964ms
384ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52661%26Tags%3D2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ 0
215 B 960ms
381ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52655%26Tags%3D2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame DEC1 30 B
271 B 312ms
298ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame BCAC 30 B
271 B 314ms
302ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1463 30 B
271 B 307ms
296ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

rec.js Show response
img.scupio.com/js/ Frame 8E2A
Redirect Chain

https://rec.scupio.com/recweb/js/rec.js
https://img.scupio.com/js/rec.js

21 KB
8 KB

20ms
17ms

Script
application/javascript

13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/rec.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a7d1ad0006cf1950121ad6835c13ef6ed3a5bcb8ad583b3b072d5cd776bc83c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:58:29 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:22:11 GMT
server: nginx/1.12.1
age: 165
etag: W/"62fb45a3-54c8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: XOhm_r1HlmUMluKy8W7zz_Wf6ZclXsU0I9QEzqZTZtv5d6l9GinRRw==
expires: Tue, 06 Sep 2022 23:57:56 GMT

Redirect headers

Location: https://img.scupio.com/js/rec.js
Date: Tue, 06 Sep 2022 21:00:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 155
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 0461 2 KB
2 KB 1198ms
299ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.18393231607226368
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1c65d18ea6b840fe917c2fc49fef00b966f10c331085ed02c22c0e0649f5edec

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1476

GET
H2 200 edmpVL.js Show response
cdn.holmesmind.com/js/ Frame AC1C 10 KB
10 KB 45ms
33ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmpVL.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2017 10:23:08 GMT
server: AmazonS3
age: 3
etag: "bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10022
x-amz-cf-id: A8WZHJJYPdBCtJJ1GnS_lgmm_PVV4Kec3rd71T-i4FWLXz43OOk8Bg==

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame AB48 17 KB
17 KB 43ms
32ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd30d0f075a407e70420304e4f0e8a8ef44ac10921a62eb091e21c25cee1f915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmnURWJxsYiUehdjD2qFqYH1U9EPnXKJ
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 07:01:51 GMT
server: AmazonS3
age: 21
etag: "ab22f9373885f931eb6288e9242b8411"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16952
x-amz-cf-id: DDBKAAb8SXGAybyudU3nUQ_QhIxiLgGRmsQPpy82j5OdSCGb_LOhFQ==

GET
H2 200 av_old.js Show response
cdn.holmesmind.com/js/ Frame AB48 4 KB
4 KB 30ms
20ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/av_old.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Wed, 09 Jun 2021 02:19:21 GMT
server: AmazonS3
age: 41
etag: "77d512f8676b6b3f12cadd9df9d1a1e0"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3990
x-amz-cf-id: RjrySAp46zBjrt4SYdJVE2N-Q9sKNe7M7nRniI93wAc_FW6jR4cN1A==

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame AC1C 2 KB
2 KB 1194ms
294ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8606444799103625
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3e43933431911f1fbdfe20691bbbb4c380b33f9d81541c3cbc4e38efe63d3c42

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1474

GET
DATA 200
OK truncated
/ Frame AC1C 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0461 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame AB48 0
152 B 242ms
241ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=13534:52664:123320:fd230825b532551f39b70dcdc12c1d8b:11694&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/av_old.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame AB48 2 KB
2 KB 103ms
101ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 09:24:31 GMT
server: AmazonS3
age: 20
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: ewfesaScoRQqqVnzgJe_03GfnhrQQS_6VzG-COZkTCEJupFzSEBhgA==

GET
H2 200 a1e46a514f301b844181d067d144c327.gif
cdn.holmesmind.com/image/11694/ Frame AB48 1 MB
1 MB 19ms
18ms Image
image/gif 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/11694/a1e46a514f301b844181d067d144c327.gif
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80fb066ee0178b2d2f04d3c47c256b8ce33594095b0344522106e371a0ef3d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: B.PXdGK1C3FxdJd2wD8JxvTQbZPfOCLe
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 08:15:05 GMT
server: AmazonS3
age: 17984
etag: "61fa01a55664df7f9ceead1720de44cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Tue, 06 Sep 2022 16:38:12 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1077681
x-amz-cf-id: TPxvKdOIFdOltO-rMLNHw_yAjluR7n0RLr4xrijBmzS0YIadYgjoxA==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame AB48 0
77 B 248ms
247ms Image
image/png 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1662498039&p=13534:52664:123320:fd230825b532551f39b70dcdc12c1d8b:11694
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 1463 17 KB
17 KB 75ms
70ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd30d0f075a407e70420304e4f0e8a8ef44ac10921a62eb091e21c25cee1f915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmnURWJxsYiUehdjD2qFqYH1U9EPnXKJ
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 07:01:51 GMT
server: AmazonS3
age: 21
etag: "ab22f9373885f931eb6288e9242b8411"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16952
x-amz-cf-id: RHpK8WiT_wIzVOHbY7ELkiAr7boTz6GiwGP7Zopnd9lWpI7Z5tO_oA==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 1463 1 KB
2 KB 74ms
71ms Image
image/png 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2016 08:32:53 GMT
server: AmazonS3
age: 65641
etag: "a77740eea95ba2ef6436403310c6f59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 06 Sep 2022 03:36:59 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: Ypel9zj-fNxKP8ht79EpAXe2OEk4YYM07AmT3IdnWNh8VYbOzw5LFA==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame DEC1 0
187 B 305ms
303ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame DEC1 0
80 B 1541ms
289ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame BCAC 0
79 B 1533ms
289ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame BCAC 0
187 B 301ms
300ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame 1463 0
79 B 1522ms
290ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 1463 0
187 B 302ms
302ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame C6AC 6 KB
7 KB 30ms
29ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 29
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:25 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: v3PbbDNwicTe-NVRUbENpd5-D5EZxvYPJquuJ1PhqKElntXdpVVLOA==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 774A 6 KB
7 KB 33ms
33ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 30
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:25 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: 2kA0PBr6yQZJ-cLgY4-0f0azbLq6fGo37ZvjvlGSwZKm9WrVzc3KgA==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 1463 2 KB
2 KB 41ms
38ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 09:24:31 GMT
server: AmazonS3
age: 21
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: IKXnfrp479CJ9kJUMnA5DYR-Z6IpjzjCFrlVw7KCG50hDEQD9H8Meg==

GET
H2 200 85815df7c42038df1e00752d9ac8f13f.gif
cdn.holmesmind.com/image/11694/ Frame 1463 580 KB
581 KB 42ms
40ms Image
image/gif 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/11694/85815df7c42038df1e00752d9ac8f13f.gif
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d16e2935563b126b1347159a3a79772be88f57fdbc024abadb0fa9a5f8b05beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: lKJTmOIiPuXKT4YJjx_n_5GKeBzRokg6
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 09:23:21 GMT
server: AmazonS3
age: 17774
etag: "18a48fd68fe8c511ce788ced7fd21cc3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Tue, 06 Sep 2022 16:04:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 594009
x-amz-cf-id: Z5Ccvd1SZJhMuwoW-OSQuT5gpZvsPsYvyllnRAL6v3DzpywmJmmREg==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 1463 0
77 B 263ms
261ms Image
image/png 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1662498039&p=13847:52664:123341:4de6000ef114f728e7507dcbe4747a06:11694
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame C1B7 5 KB
5 KB 38ms
38ms Document
text/html 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47
content-length: 4730
content-type: text/html
date: Tue, 06 Sep 2022 21:00:25 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id: aslvDB10CMb_0ydHd3-6T_-sloWpgiDMMbh8XKX1oNyvGbiJN_lm0A==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame C6AC 662 B
1002 B 39ms
38ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 16
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 7uCwixtYaCp_MKJ7l024jhIhEhiYR5nFkaiOIm1r65OjzBLDxE3yfg==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame FACE 9 KB
10 KB 48ms
28ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
age: 16
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: 8Wxv8i7TZFU4LmBPBSk87c6u6-W3XwXMQGmcvKfvPnAzUcOXDt4fdg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 38F4 5 KB
5 KB 32ms
25ms Document
text/html 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47
content-length: 4730
content-type: text/html
date: Tue, 06 Sep 2022 21:00:25 GMT
etag: "c36f5eb091d6195fe8b68f3b263f999b"
last-modified: Mon, 22 Aug 2022 03:00:17 GMT
server: AmazonS3
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id: tvQS1Oej-adFPdg7R9zG_Q1sVKbiLcjGDWQGBK3a0YyTUyLQFgNLEg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 774A 662 B
1002 B 37ms
30ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 16
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: ttDwnIqC-YhN-L0wOJTff909RK7EjoxoiykjCDXQ4MAnVU1gSEtR7A==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 508D 9 KB
10 KB 34ms
32ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 03:00:16 GMT
server: AmazonS3
age: 16
etag: "ddf163a3d8381378b3e35e39339ad7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:26 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9530
x-amz-cf-id: eYniGWzCYKcmVXCapIHOGhUXFBWAdZkvEPNIWnoJeNSM4GhdtDCyHA==

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 0461 87 KB
28 KB 55ms
53ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 34F1 95 B
242 B 429ms
122ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:40 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame C1B7 5 KB
2 KB 310ms
293ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:40 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame C1B7 0
15 B 1631ms
1618ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame C1B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEMnDld1NMlGJ58RKL-iTrYg&google_cver=1

0
481 B

1323ms
947ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEMnDld1NMlGJ58RKL-iTrYg&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
x-guploader-uploadid: ADPycducYR2vi32FdeUHB_BjBQAXDC-amEEmtphF3gq4Kr4aGvMcNXCYHAzRPFsZ8iTjBKZv7iaQQSDNWDrCT-MXZZUeWnFYouBe
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Tue, 06 Sep 2022 22:00:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEMnDld1NMlGJ58RKL-iTrYg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame AC1C 87 KB
28 KB 37ms
36ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 38F4 0
15 B 1614ms
1606ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame DD02 95 B
223 B 429ms
126ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:40 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 38F4 5 KB
2 KB 299ms
297ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:40 GMT

GET
H2

200

google
m.holmesmind.com/ml/ Frame 38F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEBC_H0KXYxuLTEe4DWAiEJA&google_cver=1

0
144 B

1328ms
952ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEBC_H0KXYxuLTEe4DWAiEJA&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
x-guploader-uploadid: ADPycduthB95BLlFwoHR22SoLTn_CXdhVrjU-PtXf702eqVUjjuljBVXVjvA1ufB-Kl2dzdUJ7FfH0StUXNUNxAQmBxM2D29FIqN
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Tue, 06 Sep 2022 22:00:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&uu_m=undefined&google_gid=CAESEBC_H0KXYxuLTEe4DWAiEJA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 508D 1 KB
746 B 317ms
315ms Script
text/html 2600:9000:2165:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: PMO50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: UwlEqpA2-tnF4WYpliyz1q7wDMltFE2YEgZ7qtZNbV4nWeHdRaPkTw==
via: 1.1 4c07b65445d8f2f871e7da9c0d911de6.cloudfront.net (CloudFront)

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame FACE 1 KB
755 B 116ms
114ms Script
text/html 2600:9000:2165:6000:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2165:6000:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:51:36 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 544
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: PMO50-C1
x-amz-cf-id: CXXZMkVpKHodW1rqvoQgRnDMr_vyNRXXAwPCdWx_JSvBXTeJWuVjBA==
via: 1.1 4c07b65445d8f2f871e7da9c0d911de6.cloudfront.net (CloudFront)

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5C02 15 KB
6 KB 83ms
28ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 813793
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0461 88 KB
29 KB 118ms
66ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
server: nginx
etag: W/"630fd74b-16068"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2F2F 15 KB
6 KB 71ms
27ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 862775
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame AC1C 88 KB
29 KB 96ms
60ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
server: nginx
etag: W/"630fd74b-16068"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame FACE 4 KB
2 KB 298ms
296ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=243&o=1&d=1&b=2&ts=1&ii=2&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dfec631d3560c9604ba28d7f90e605a739e00ef6893626b6e785b77346136381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame FACE 3 KB
3 KB 25ms
23ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 13
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: biNWX-9R1ELXklWe-uGruB8tPWSnoOA6msCOySEF-Yki9csRF6Ew9w==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame FACE 119 KB
39 KB 44ms
42ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
server: nginx
etag: W/"63041db4-1ddab"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame FACE 2 KB
3 KB 28ms
27ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 13
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: a_npBBQEecUPao6Ru5nRiyhcbquqIazINvrbhShTN70cmtQ2Rskkmg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame FACE 4 KB
5 KB 33ms
32ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 42
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: udwUwqQalAvxiQt2SD7Ja_qaKwOIAtklxOHjX7jKpHaD_doKdrWXjA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame FACE 3 KB
3 KB 34ms
32ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 13
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: KYNVkIA9adshj4Bo97rT33fRnAM_kqK6wPqY5UI0pyXepsRn5iXFGQ==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame FACE 3 KB
3 KB 939ms
938ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:42 GMT
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: JvfDnuEgt8uF0dznv0MPXHecZld9IqDC2OJ4UnYiLrOCZbad8ea1tQ==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2F2F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5QKxQXwveDMwa201TzFncXp1dEVQbDl0MzN4R1p4blB1SGhiTVJNV1ZyaVRZRGhOaDBtVGlOaVo0RHNEWWd5dXZJeDg2T1QxQ0pNOG1uRWJhQ2dJWWw3ZlVyV2w5cUlHUW9OVTVpbkdKYStuNzZhUWtZK0lHSTVKUFRLZz...

417 B
662 B

96ms
23ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5QKxQXwveDMwa201TzFncXp1dEVQbDl0MzN4R1p4blB1SGhiTVJNV1ZyaVRZRGhOaDBtVGlOaVo0RHNEWWd5dXZJeDg2T1QxQ0pNOG1uRWJhQ2dJWWw3ZlVyV2w5cUlHUW9OVTVpbkdKYStuNzZhUWtZK0lHSTVKUFRLZzFmcjZ3cE1Nd1FwbU10VXRGZ2doVjdmeWIwd3NXeWhUNVJSdHdRWTlaSEI5SzFIcjNLRXhtakxKc3g4K2MrK0d3WEFqbkpJR09WZzNPZ2ZlQ3lMeXZUMnBmczdaeDBpZFVZUTNhUmpDbFN3VWc4RDBJTGE0TFd0TVQ2RXVMVzBFK2wzWGFLZmRHRlZsdnQrZnQwWXpLN0RnN0VXK1hidWdidU1XRDJ4dk04cDNiVWYyUTZ3az18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fcf8cd4b9a00d18c791fd7bc542d66755951b895b73102acfd60056b6b10f03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 944644
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:40 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=5QKxQXwveDMwa201TzFncXp1dEVQbDl0MzN4R1p4blB1SGhiTVJNV1ZyaVRZRGhOaDBtVGlOaVo0RHNEWWd5dXZJeDg2T1QxQ0pNOG1uRWJhQ2dJWWw3ZlVyV2w5cUlHUW9OVTVpbkdKYStuNzZhUWtZK0lHSTVKUFRLZzFmcjZ3cE1Nd1FwbU10VXRGZ2doVjdmeWIwd3NXeWhUNVJSdHdRWTlaSEI5SzFIcjNLRXhtakxKc3g4K2MrK0d3WEFqbkpJR09WZzNPZ2ZlQ3lMeXZUMnBmczdaeDBpZFVZUTNhUmpDbFN3VWc4RDBJTGE0TFd0TVQ2RXVMVzBFK2wzWGFLZmRHRlZsdnQrZnQwWXpLN0RnN0VXK1hidWdidU1XRDJ4dk04cDNiVWYyUTZ3az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 660925
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5C02
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=DeLwBHxXbTY1czJjYzVtVnpxNUo2WCtEQkN0eGpSbmUyRHRPTUQrazlBZ2dCcmlRMzJzaHhxakZ4Z3QwZDlRVTloNEpVLzJKQUk0QXdJK3JydFdZUTJ1UWlxckMxYzF4b2xWOW4vOHAxeURMWVJza1ZaN25xYkxLaTluRE...

425 B
645 B

95ms
23ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DeLwBHxXbTY1czJjYzVtVnpxNUo2WCtEQkN0eGpSbmUyRHRPTUQrazlBZ2dCcmlRMzJzaHhxakZ4Z3QwZDlRVTloNEpVLzJKQUk0QXdJK3JydFdZUTJ1UWlxckMxYzF4b2xWOW4vOHAxeURMWVJza1ZaN25xYkxLaTluREoxVHcrcmR5L3l0TFNYa29QTUFWMnpIckJrZFRGT0xHdi9waXErOWVEejVZayt1dm55WHpDdjl0c0RMdDl0aG4rckRRaVBpVVFiUWdyN292ekZ6NnNML3dXdkhaZVVSaUlkSVFYb3pISzJ3b1FhbE9QaklCR2k5cENYb1JhdVMwM3g5MWg0dnZ2VExmbWZXUm16ZlE0Wks2aVh3SkpPSDhTNHZjcURtRjE1UWlhTzVhb3JOST18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e133dd506d610c95e2491d55127a4f751f2257503c261e4a5f540d740e2083d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 905520
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:39 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=DeLwBHxXbTY1czJjYzVtVnpxNUo2WCtEQkN0eGpSbmUyRHRPTUQrazlBZ2dCcmlRMzJzaHhxakZ4Z3QwZDlRVTloNEpVLzJKQUk0QXdJK3JydFdZUTJ1UWlxckMxYzF4b2xWOW4vOHAxeURMWVJza1ZaN25xYkxLaTluREoxVHcrcmR5L3l0TFNYa29QTUFWMnpIckJrZFRGT0xHdi9waXErOWVEejVZayt1dm55WHpDdjl0c0RMdDl0aG4rckRRaVBpVVFiUWdyN292ekZ6NnNML3dXdkhaZVVSaUlkSVFYb3pISzJ3b1FhbE9QaklCR2k5cENYb1JhdVMwM3g5MWg0dnZ2VExmbWZXUm16ZlE0Wks2aVh3SkpPSDhTNHZjcURtRjE1UWlhTzVhb3JOST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 616323
content-length: 0
expires: 0

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame FACE 2 KB
2 KB 309ms
308ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.11672103089536456
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dfd14ec11d47d425a905a956ddf6984055ac6aebaede190059458a34b6a35ba3

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1369

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame FACE 0
170 B 170ms
170ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame FACE
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

2 B
19 B

1030ms
1029ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame FACE 187 B
430 B 41ms
40ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=92335790634

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e9f1877989aeaff609019d3749628c09ce8bc56a1de07d56ae1eb0eedfb5bfc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 168

POST
H2 204 events
bidder.criteo.com/csm/ Frame FACE 0
209 B 30ms
29ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame C1B7 36 B
406 B 293ms
293ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 38F4 36 B
406 B 293ms
293ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 508D 4 KB
1 KB 274ms
272ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=948&o=1&d=1&b=2&ts=1&ii=2&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d769f735969d005643c6e4b85ef0581d32af0f783136a41cf1a6b19a3c0e466e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 508D 3 KB
3 KB 19ms
17ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 13
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: qM3aP3LCnDtzbYDqjz2JZaqh010izm-o3fsTauUFrpG-JbX9FavDHQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 508D 119 KB
39 KB 30ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:12 GMT
server: nginx
etag: W/"63041db4-1ddab"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Sep 2022 21:00:40 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 508D 2 KB
3 KB 19ms
17ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 13
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: ZjSYiQzbSQlMiFB9V4388zhoA6JIeRMsB1D-OeJd7Z55zDeRwK9S5w==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 508D 4 KB
5 KB 19ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 42
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: 7elw_9_mZ6tfSGtnapDktFz_APgXvEmST63DbHyISRKLJ39jkVKqeA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 508D 3 KB
3 KB 20ms
19ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 13
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:38 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: ZW8cR8lmeyn6Ttg9dqBPrPVutGvs8NQnZH6cszNFWZdMcA3Fl3aGlA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 508D 3 KB
3 KB 741ms
740ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:41 GMT
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: xkE3fT-QMsWCLxiaPlO0ymX_q5nJhffIbmmy61LMQBEX-qCRWUhoKQ==

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame EF07 0
37 B 303ms
282ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame FACE 5 KB
2 KB 291ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:40 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 508D 0
170 B 167ms
167ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 508D 2 KB
2 KB 296ms
296ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9806106975081257
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 86181b37d44c5d985f9861c3d0ee2d1d72f8b500ca347877678b5d13468bf088

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 1371

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 508D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

2 B
19 B

930ms
929ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 508D 177 B
425 B 28ms
28ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=128&profileId=184&cb=45910366853

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

020ebf7103f1411a2ce11ea00558e4f916338f629426b1b210e1e1672920cc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Sep 2022 21:00:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 163

POST
H2 204 events
bidder.criteo.com/csm/ Frame 508D 0
209 B 27ms
26ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame FACE 10 KB
10 KB 19ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=243&o=1&d=1&b=2&ts=1&ii=2&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 12
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: H8RGToR9GwgxNlYZvQBCSbCnY4C6lbFcv2zXrSeI_uXSp6Y7KDYL0Q==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C6AC 0
214 B 396ms
395ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52655%26Tags%3D2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C6AC 0
214 B 401ms
401ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52662%26Tags%3D2200%2C2198%2C2196%2C2188%2C2199%2C2197%2C2195%2C2187
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame C6AC 0
214 B 388ms
388ms Image
text/html 35.78.36.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj%26SID%3D52661%26Tags%3D2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.36.205 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-36-205.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 1CDD 0
37 B 365ms
357ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&CFFPCKUUID=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&url=https%3A%2F%2Freurl.cc%2FGE486v&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 508D 5 KB
2 KB 291ms
291ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 06:51:32 GMT
server: nginx
etag: W/"62de3d74-134a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 06 Sep 2022 21:10:40 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame C1B7 30 B
278 B 297ms
297ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 508D 10 KB
10 KB 18ms
18ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FGE486v&n=948&o=1&d=1&b=2&ts=1&ii=2&FPCK=1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 12
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: F2fz2tK9p3GlcGwUKOaijWQjFFenZOzlyeNYhgkSRQdxTNBGRfvCyg==

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 38F4 30 B
278 B 294ms
294ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame FACE 36 B
399 B 294ms
294ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame FACE 17 KB
17 KB 17ms
16ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd30d0f075a407e70420304e4f0e8a8ef44ac10921a62eb091e21c25cee1f915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmnURWJxsYiUehdjD2qFqYH1U9EPnXKJ
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 07:01:51 GMT
server: AmazonS3
age: 22
etag: "ab22f9373885f931eb6288e9242b8411"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16952
x-amz-cf-id: yl60diqb7HTtSCBjHsVeMr3ExwFKXm4wNC2kpN6Rv-7syG87-AkP3g==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame FACE 1 KB
2 KB 17ms
17ms Image
image/png 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2016 08:32:53 GMT
server: AmazonS3
age: 65642
etag: "a77740eea95ba2ef6436403310c6f59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 06 Sep 2022 03:36:59 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: 0iwsSDZAsTkSSHzwI4oqfYuVmC1-E0MM4e83oQZBrnalp2FgvtoS8w==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame C1B7 0
194 B 298ms
298ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame C1B7 0
79 B 545ms
291ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 a1e46a514f301b844181d067d144c327.gif
cdn.holmesmind.com/image/11694/ Frame FACE 1 MB
1 MB 18ms
17ms Image
image/gif 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/11694/a1e46a514f301b844181d067d144c327.gif
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80fb066ee0178b2d2f04d3c47c256b8ce33594095b0344522106e371a0ef3d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: B.PXdGK1C3FxdJd2wD8JxvTQbZPfOCLe
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 08:15:05 GMT
server: AmazonS3
age: 17985
etag: "61fa01a55664df7f9ceead1720de44cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Tue, 06 Sep 2022 16:38:12 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1077681
x-amz-cf-id: k-ji9yN1PwoviQ3fEHZMmIgRDvD84SS2-WPwkWF882uM2Wqe-vd2Zg==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame FACE 2 KB
2 KB 39ms
38ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 09:24:31 GMT
server: AmazonS3
age: 21
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: uNxbvVzM2ctdQhcbHh_rO4wfXPDD0xUVYZCgskitxNgKK_pcCgUOpg==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame FACE 0
77 B 242ms
242ms Image
image/png 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1662498040&p=13849:52664:123320:1bc587680f81736e2a7e1bcc7c9bae94:11694
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame 38F4 0
79 B 527ms
290ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 38F4 0
194 B 294ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 36FB 1 KB
1 KB 19ms
18ms Document
text/html 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1253
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 20:40:07 GMT
etag: W/"583295c9-4dc"
expires: Tue, 13 Sep 2022 20:39:47 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: DwDqlvMq6X74R-yAT0ig4zwHtYarzx5KhXkoXSJl-kYsbcRjdft58Q==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 5A1E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1RBMjAyMjA5MDcwNTAwNDAzODI4NjE%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0

0
551 B

297ms
297ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D1CE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
573 B

107ms
27ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Sep 2022 21:00:41 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 06 Sep 2022 21:00:41 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame 5A1E 44 B
91 B 38ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1662498037411&cd[SBST]=17&cd[PuID]=reurl

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 06 Sep 2022 21:00:41 GMT

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 5A1E 35 B
413 B 435ms
106ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CTA20220907050040382861
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 1392 1 KB
1 KB 18ms
17ms Document
text/html 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1254
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 20:40:07 GMT
etag: W/"583295c9-4dc"
expires: Tue, 13 Sep 2022 20:39:47 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: HQeOO-l3orhyVEnXXgYVHcehqZ5SldG_4yemM6SnXZT7xeZQyr2QRw==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame B183
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q09BMjAyMjA5MDcwNTAwNDA1MDg2OTI%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0

0
551 B

581ms
296ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMIWkI0j7Z1LSF_SYk-kAJU&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 44EB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
573 B

105ms
27ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Sep 2022 21:00:41 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 06 Sep 2022 21:00:41 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H3 200 /
www.facebook.com/tr/ Frame B183 44 B
88 B 20ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 06 Sep 2022 21:00:41 GMT

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame B183 35 B
413 B 413ms
102ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=COA20220907050040508692
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 jquery-1.7.2.min.js Show response
code.jquery.com/ Frame 8E2A 93 KB
33 KB 109ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-17278"
vary: Accept-Encoding
x-hw: 1662498041.dop141.fr8.t,1662498041.cds055.fr8.hn,1662498041.cds153.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33626

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 1463 0
152 B 246ms
246ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=13847:52664:123341:4de6000ef114f728e7507dcbe4747a06:11694&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 1.js Show response
cdn.holmesmind.com/js/tmp2/ Frame 508D 17 KB
17 KB 21ms
21ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/tmp2/1.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd30d0f075a407e70420304e4f0e8a8ef44ac10921a62eb091e21c25cee1f915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PmnURWJxsYiUehdjD2qFqYH1U9EPnXKJ
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 07:01:51 GMT
server: AmazonS3
age: 23
etag: "ab22f9373885f931eb6288e9242b8411"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16952
x-amz-cf-id: kev1w56ktu8rPAK1KHubNDSS3m_3bOUw4guo3jdtfODUZ_afwgIFBg==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 508D 1 KB
2 KB 20ms
20ms Image
image/png 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2016 08:32:53 GMT
server: AmazonS3
age: 65643
etag: "a77740eea95ba2ef6436403310c6f59a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 06 Sep 2022 03:36:59 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: nTYtMXgn_UZv1FqnulSudFrW5TljD55yTSkAKY0LyYq3fzm9ovKd8A==

GET
H2 200 a1e46a514f301b844181d067d144c327.gif
cdn.holmesmind.com/image/11694/ Frame 508D 1 MB
1 MB 19ms
18ms Image
image/gif 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/11694/a1e46a514f301b844181d067d144c327.gif
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80fb066ee0178b2d2f04d3c47c256b8ce33594095b0344522106e371a0ef3d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: B.PXdGK1C3FxdJd2wD8JxvTQbZPfOCLe
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Aug 2022 08:15:05 GMT
server: AmazonS3
age: 17986
etag: "61fa01a55664df7f9ceead1720de44cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Tue, 06 Sep 2022 16:38:12 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1077681
x-amz-cf-id: tyfg2msOHkULKrQ5mZ47vQg7lUtEtHUk9RlLngual_T14rEf_J8ljg==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 508D 2 KB
2 KB 31ms
30ms Script
application/javascript 2600:9000:20eb:2600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/tmp2/1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NaKVz_HCicjxM9ESQPttcJqfpSisoaZU
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Apr 2022 09:24:31 GMT
server: AmazonS3
age: 22
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 06 Sep 2022 21:00:39 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: w-XXtnZv9RLhmxUNlCiR2D9YHaVjbod4XxG27ugE9T3egTMk7P_8cQ==

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 508D 0
77 B 244ms
243ms Image
image/png 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1662498040&p=13857:52664:123320:4f27a142c340e0f2f31fba263c51e3b0:11694
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame FACE
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

2 B
19 B

284ms
284ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:42 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 508D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw

2 B
19 B

287ms
287ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 06 Sep 2022 21:00:42 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=AZcay6K9AAuc89XX-LQXYw
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 0A1F 1 KB
1 KB 20ms
18ms Document
text/html 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=52
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1983
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 20:27:38 GMT
etag: W/"583295c9-4dc"
expires: Tue, 13 Sep 2022 20:27:38 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: CoLQ7a8whKAIdZwAKmih_MmVuVmxaAL-g76sHpT8m9X3XoQIFucMaQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ Frame 8E2A 11 KB
3 KB 321ms
310ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.9289085740018654
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4738e641649f59df632ace15e680a11d4fee4e101d94c03058f35a1a68746761

Request headers

Accept: */*
Referer: https://img.scupio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 06 Sep 2022 21:00:40 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/javascript; charset=utf-8
Content-Length: 3098

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 44EB 31 KB
10 KB 32ms
32ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40171
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Wed, 07 Sep 2022 08:10:12 GMT

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame FACE 0
79 B 293ms
292ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame FACE 0
187 B 294ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D1CE 31 KB
10 KB 31ms
31ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40171
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Wed, 07 Sep 2022 08:10:12 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 44EB 284 B
536 B 91ms
19ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D1CE 284 B
536 B 90ms
19ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 44EB 0
239 B 811ms
176ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Content-Type: image/gif

GET
H2 200 pixel
3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/ Frame 508D 0
79 B 291ms
289ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net/pixel?bd=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 508D 0
187 B 295ms
294ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF&mp=3cf72ec3-ceba-4b4e-b8f6-5b08b680b088

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:41 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ad469.js Show response
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame 8E2A 23 KB
10 KB 24ms
24ms XHR
application/javascript 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ad469.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: bb245a239cb23804d33118c1beadcaaf64739662cbd49e0b84caa77de1f0d75a

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 09:27:32 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:49:17 GMT
server: nginx/1.12.1
age: 127989
etag: W/"6315b80d-5df5"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: ntZ9-Py_tJC90czhU3d9pw_S-JsS_eqrwk2bc93dVEzw0ceUqJIwwA==
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
expires: Tue, 05 Sep 2023 09:27:32 GMT

GET
H2 200 CoverImage.js Show response
img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/ Frame 8E2A 1 KB
1 KB 23ms
23ms XHR
application/javascript 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/staticfiles/540ab50cb55c4d8be0409d42453990d5cd7fb401/scripts/adbanner/build/CoverImage.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 08:53:19 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:49:17 GMT
server: nginx/1.12.1
age: 130042
etag: W/"6315b80d-54d"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 3nYxkxI4ZdIp0oP0mJ5CWhkZfkBYcxl_ZbnVEWEFGmeqDvvn02-XNA==
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
expires: Tue, 05 Sep 2023 08:53:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8E2A 2 KB
590 B 79ms
28ms Stylesheet
text/css 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@900

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:00:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 06 Sep 2022 21:00:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Sep 2022 21:00:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8E2A 2 KB
2 KB 78ms
28ms Image
text/css 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@900

Requested by

Host: reurl.cc
URL: https://reurl.cc/GE486v

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 21:00:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 06 Sep 2022 21:00:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Sep 2022 21:00:41 GMT

GET
H2 200 2c552730-f6ed-4e35-967e-75ae6e16fae6.jpg
img.scupio.com/dsp/ad-image/931/2/ Frame 8E2A 5 KB
5 KB 22ms
20ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/dsp/ad-image/931/2/2c552730-f6ed-4e35-967e-75ae6e16fae6.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dc9c82e22cc8e4786160076e3d7a8401176b9efbfdaef587c55d443edff6eab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 20:51:38 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 22 Jun 2021 08:53:06 GMT
server: nginx/1.12.1
age: 543
etag: "60d1a4f2-13ba"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 5050
x-amz-cf-id: 4fZrIyn_snEBognAkhJY7dsmLno4eFUcn5jd1wbB9Wo8nGJxIvN4rQ==
expires: Wed, 07 Sep 2022 02:51:38 GMT

GET
H2 200 7092117.jpg
img.scupio.com/ec/x/931/250/117/ Frame 8E2A 9 KB
9 KB 18ms
17ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/ec/x/931/250/117/7092117.jpg?h=cf8c57c38b8f521500cb74c22823f71b&v=0
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 649bb51c7988e50a72ba3202a01713b60c3ca192847bc878e1505203418a207c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:06:13 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 14:02:01 GMT
server: nginx/1.12.1
age: 21268
etag: "631752d9-22ba"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 8890
x-amz-cf-id: r10HlG4DCe2q8edxPET2cPv2wLf5QByF88CQi75Iplx9j1S4_6CFIw==
expires: Tue, 06 Sep 2022 21:06:13 GMT

GET
H2 200 7602274.jpg
img.scupio.com/ec/x/931/250/274/ Frame 8E2A 7 KB
7 KB 19ms
18ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/ec/x/931/250/274/7602274.jpg?h=8c3ed0e84f38c029884bec404085ac26&v=0
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d79b2fcf1a0aace74fe185f3bf58af9c0ca1dca2a5526507df2e5993a40603cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 18:06:27 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 17:25:08 GMT
server: nginx/1.12.1
age: 10454
etag: "63178274-1a4f"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 6735
x-amz-cf-id: FMaIFGHH84XSoQjg7G5Aq91RqNy5pwG0_LHbKSTsfMCKqXIOUwBjQQ==
expires: Wed, 07 Sep 2022 00:06:27 GMT

GET
H2 200 6821090.jpg
img.scupio.com/ec/x/931/250/090/ Frame 8E2A 8 KB
8 KB 19ms
17ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/ec/x/931/250/090/6821090.jpg?h=7b987554f79962919c9495c7a88a8d4b&v=0
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 13e489437eb5e0a8fca4eb72a5340a380644bf3f18c90cd93c4dd10a35b0f3ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:47:50 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 13:25:39 GMT
server: nginx/1.12.1
age: 15171
etag: "63174a53-1e0f"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 7695
x-amz-cf-id: ivgvpOARvfWTsYo9Vyzye0syhXvrxA2BYaJKpPGxxQtOcKBR516vwg==
expires: Tue, 06 Sep 2022 22:47:50 GMT

GET
H2 200 7322764.jpg
img.scupio.com/ec/x/931/250/764/ Frame 8E2A 9 KB
9 KB 20ms
19ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/ec/x/931/250/764/7322764.jpg?h=63ffeb4f132512a5a45d872f27beb340&v=0
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 340e881821542693dbadb77ea7045af2d968ef1c8bfc22fecb320d603492940a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 19:28:52 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 19:27:53 GMT
server: nginx/1.12.1
age: 5509
etag: "63179f39-23da"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 9178
x-amz-cf-id: 3q-uX0c5RedLzaJ6YUa0UahQExeIdjTJksQ5kseaz5yVmpqhrxV2Fg==
expires: Wed, 07 Sep 2022 01:28:52 GMT

GET
H2 200 7602099.jpg
img.scupio.com/ec/x/931/250/099/ Frame 8E2A 6 KB
6 KB 20ms
19ms Image
image/jpeg 13.32.99.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/ec/x/931/250/099/7602099.jpg?h=83792e528c5ac6016bd1accbf89ef530&v=0
Requested by: Host: reurl.cc
URL: https://reurl.cc/GE486v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-7.fra60.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: c8a55267724f128d063448f68b827b0b47dc605f5ba562bd94a17efb9b650c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 18:09:19 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 14:03:34 GMT
server: nginx/1.12.1
age: 10282
etag: "63175336-1741"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 5953
x-amz-cf-id: RwZWxwg_Veyabignn1NNQUdtG0yBoppc6C9vMPBJNCktrP3EKGs9Ig==
expires: Wed, 07 Sep 2022 00:09:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E2A 15 KB
16 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://img.scupio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:45:00 GMT
x-content-type-options: nosniff
age: 562541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 08:45:00 GMT

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame FACE 0
152 B 256ms
256ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=13849:52664:123320:1bc587680f81736e2a7e1bcc7c9bae94:11694&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8EEF 15 KB
6 KB 28ms
28ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 1414424
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8EEF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=VZt7Y3xTMDRPTlZKT0x1V3lPNWEyWTZEOWJpRVlQcjE3ZXFyQUo5N1lzenhXdlBvK2k2a0dVVWpvMEMxVkM1OUdqbFAyZ0UyZngxamVsc0RQN3pRL1p6WFBSd2x6VXNYdzZkWVU2MHJ4ZkhMZGJ3blZsR3h2Nytnb09yUE...

433 B
668 B

25ms
25ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VZt7Y3xTMDRPTlZKT0x1V3lPNWEyWTZEOWJpRVlQcjE3ZXFyQUo5N1lzenhXdlBvK2k2a0dVVWpvMEMxVkM1OUdqbFAyZ0UyZngxamVsc0RQN3pRL1p6WFBSd2x6VXNYdzZkWVU2MHJ4ZkhMZGJ3blZsR3h2Nytnb09yUEYzSFVWSHRQWUNGdUIxMnp5dktUS3dPV2syTFFFN1FqaDEzdzcvV3lPd1VKZ3RpcmJ1VFByNWM3c2JxQTNCdllIcmhUa3FnUE9uTURhYnp1VlVMOEpaME1TMVBtV1JhM2U4VFRBQitvL2J4T05ZazQ5UWVxY1pwenY1MTRlVCtFR2pxRFRGbHJwTzdBSEZ0cUUwc2VwdVRuRFlQWnB1dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6d02791276478f4c7b71f39b48b3cdc88d45ac95f4bfbcc87a82ac630320cb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1781876
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=VZt7Y3xTMDRPTlZKT0x1V3lPNWEyWTZEOWJpRVlQcjE3ZXFyQUo5N1lzenhXdlBvK2k2a0dVVWpvMEMxVkM1OUdqbFAyZ0UyZngxamVsc0RQN3pRL1p6WFBSd2x6VXNYdzZkWVU2MHJ4ZkhMZGJ3blZsR3h2Nytnb09yUEYzSFVWSHRQWUNGdUIxMnp5dktUS3dPV2syTFFFN1FqaDEzdzcvV3lPd1VKZ3RpcmJ1VFByNWM3c2JxQTNCdllIcmhUa3FnUE9uTURhYnp1VlVMOEpaME1TMVBtV1JhM2U4VFRBQitvL2J4T05ZazQ5UWVxY1pwenY1MTRlVCtFR2pxRFRGbHJwTzdBSEZ0cUUwc2VwdVRuRFlQWnB1dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 703924
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 55A4 15 KB
6 KB 29ms
28ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 1757124
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FF46 15 KB
6 KB 30ms
30ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 1346573
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9467 15 KB
6 KB 32ms
32ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 21:00:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 1670639
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 508D 0
152 B 239ms
239ms Script
text/html 52.68.234.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=13857:52664:123320:4f27a142c340e0f2f31fba263c51e3b0:11694&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.234.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-234-1.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame 55A4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReE...
https://mug.criteo.com/sid?cpp=rZznRnxlVzk2aVdmV1hNSVh6WGxneXdObHZBRWtjWFFlWkQ1S09aUHpqNGp0dHRETGc3K1E2NWZqUlp2ZTJkeWJmMVUzQmptdWZBQ2tWWFR4dXdqUGRsNi9WR3ZJdGNWeXVOcnZnVWV4UFppM3QwZTVPNDBZR3BTSnQzbV...

428 B
653 B

25ms
25ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rZznRnxlVzk2aVdmV1hNSVh6WGxneXdObHZBRWtjWFFlWkQ1S09aUHpqNGp0dHRETGc3K1E2NWZqUlp2ZTJkeWJmMVUzQmptdWZBQ2tWWFR4dXdqUGRsNi9WR3ZJdGNWeXVOcnZnVWV4UFppM3QwZTVPNDBZR3BTSnQzbVBMUy9OM2V6eDJSdFFscVlKWFdlY3dXY2prQ2lkczBBYklhR3pOTnQwUTA1SmdaQVAwT3VpU09Qbmp4Sk9PZFJRQ2w3WFI1dUhiZHBkMjFLY1MzUGZvaDRvNjZuQzJDM2xRakVHNVQ3SkI3OGp1b1RjVjd3NytGTTJ1L3BzREJMNHVaU0h0WkJmaEhuenl1S0E4cVpjQkZDZU9NWWtmQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c5d11fbf0875efdd16c860964234355c45a684bb5ab12f6120ca86c280dc63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:42 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1090462
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=rZznRnxlVzk2aVdmV1hNSVh6WGxneXdObHZBRWtjWFFlWkQ1S09aUHpqNGp0dHRETGc3K1E2NWZqUlp2ZTJkeWJmMVUzQmptdWZBQ2tWWFR4dXdqUGRsNi9WR3ZJdGNWeXVOcnZnVWV4UFppM3QwZTVPNDBZR3BTSnQzbVBMUy9OM2V6eDJSdFFscVlKWFdlY3dXY2prQ2lkczBBYklhR3pOTnQwUTA1SmdaQVAwT3VpU09Qbmp4Sk9PZFJRQ2w3WFI1dUhiZHBkMjFLY1MzUGZvaDRvNjZuQzJDM2xRakVHNVQ3SkI3OGp1b1RjVjd3NytGTTJ1L3BzREJMNHVaU0h0WkJmaEhuenl1S0E4cVpjQkZDZU9NWWtmQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 670467
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame FF46
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReE...
https://mug.criteo.com/sid?cpp=gJI9cHwwYVRIS0dZUlRXSXBCYkQ1eUdPaEtNdTlCdkcxYzZyd3V0eWFOR1hzY21nUG14YytNWWpnZDFTU1dlKzRLWXRla0ZqUmlqbngycitlR2pXbDhGNUNLeVhGa2grbnpvWThOUlcvNzM0QTczZTlOZUlwRWVBQ09TbH...

428 B
653 B

25ms
24ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gJI9cHwwYVRIS0dZUlRXSXBCYkQ1eUdPaEtNdTlCdkcxYzZyd3V0eWFOR1hzY21nUG14YytNWWpnZDFTU1dlKzRLWXRla0ZqUmlqbngycitlR2pXbDhGNUNLeVhGa2grbnpvWThOUlcvNzM0QTczZTlOZUlwRWVBQ09TbHhTbjYrOWZpQ0x4dkVGUHE4b0FncDZZODdTOWlXUGd6bmg3aVpzcGQwYzJYUlF6bndaWXBOcFlXY0lPNlNCVWVrNG5CZGhtdHczdUh6eThiMFZjMmQyMXluY3BXUER1RStnT0xTejlSaVBlTCs2bWtjSlRxbXVKWlJENHJHM2M1MHkydjMxZzI1T3Y3MUwrU0dlSVRFcWFRUXIwbC8rZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35dbc07a80b96dba368e82dddf30ebe6810402472c60fbadabfc6a6bb663f40b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2126360
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=gJI9cHwwYVRIS0dZUlRXSXBCYkQ1eUdPaEtNdTlCdkcxYzZyd3V0eWFOR1hzY21nUG14YytNWWpnZDFTU1dlKzRLWXRla0ZqUmlqbngycitlR2pXbDhGNUNLeVhGa2grbnpvWThOUlcvNzM0QTczZTlOZUlwRWVBQ09TbHhTbjYrOWZpQ0x4dkVGUHE4b0FncDZZODdTOWlXUGd6bmg3aVpzcGQwYzJYUlF6bndaWXBOcFlXY0lPNlNCVWVrNG5CZGhtdHczdUh6eThiMFZjMmQyMXluY3BXUER1RStnT0xTejlSaVBlTCs2bWtjSlRxbXVKWlJENHJHM2M1MHkydjMxZzI1T3Y3MUwrU0dlSVRFcWFRUXIwbC8rZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 726388
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9467
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=bnWqEV8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcThQR3RkTTA3bDdsOHdZMmdsRU5xVkFRTVdIZk5ha1ZReE...
https://mug.criteo.com/sid?cpp=qRTyLHxxdUg2RHZzcmpyeGtZRCtHc3pvUklQWUFudlNkRGZMOEUxRU1XWWRWSTErZDlYU3A2aloxdXRrTThGQzVZUDRiQXpnYzhpMncxZHFaVUJMVHpuS0ZGZ3BsSnlCV2cvMFBuaEkremlmRmh2emtPWUJDQ21MeFRERj...

444 B
659 B

24ms
24ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qRTyLHxxdUg2RHZzcmpyeGtZRCtHc3pvUklQWUFudlNkRGZMOEUxRU1XWWRWSTErZDlYU3A2aloxdXRrTThGQzVZUDRiQXpnYzhpMncxZHFaVUJMVHpuS0ZGZ3BsSnlCV2cvMFBuaEkremlmRmh2emtPWUJDQ21MeFRERjVMSW5lNi9aUkVDblNQUTVTdFZ1d3RjcWJISy9odUZXRzJadFFBcGVpT0U1aUxXVTVDcUk3QXZaYzFoNUVNa2xYL3l6U0xmOU1qTk8zRSt2N1hSNUFJR1UyVG42eUxOMUJuUGdUNXpJQ0NZMzUrM2hNZnhzd1lUTkhvc2ErVnFadUdlbUJ1bSsrQ0ZnS2k2aFBQT1B5K1ozcmQwTWZIZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1d1cb0756f08b1c5d1e269276d64eace0e588e5e248b387e2738120c614aed52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:42 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1895390
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=qRTyLHxxdUg2RHZzcmpyeGtZRCtHc3pvUklQWUFudlNkRGZMOEUxRU1XWWRWSTErZDlYU3A2aloxdXRrTThGQzVZUDRiQXpnYzhpMncxZHFaVUJMVHpuS0ZGZ3BsSnlCV2cvMFBuaEkremlmRmh2emtPWUJDQ21MeFRERjVMSW5lNi9aUkVDblNQUTVTdFZ1d3RjcWJISy9odUZXRzJadFFBcGVpT0U1aUxXVTVDcUk3QXZaYzFoNUVNa2xYL3l6U0xmOU1qTk8zRSt2N1hSNUFJR1UyVG42eUxOMUJuUGdUNXpJQ0NZMzUrM2hNZnhzd1lUTkhvc2ErVnFadUdlbUJ1bSsrQ0ZnS2k2aFBQT1B5K1ozcmQwTWZIZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 643340
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 80ms
27ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 06 Sep 2022 21:00:42 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 533827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0461
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=PdoQB3xQVmlLcTYwQisyOC9xREpNaWloRnJibGVvTU93UmRscjhZZmRVQUFoa292SWtHRXI3WFBUM24xL3NUWm4yaGR0aVM4akN0Z3piZ2hFelhaN1g5YVRlempnS01IdS95eVI4WXpxUkh3RlUrRnlRZUliL0hBemdCZX...

417 B
687 B

27ms
24ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PdoQB3xQVmlLcTYwQisyOC9xREpNaWloRnJibGVvTU93UmRscjhZZmRVQUFoa292SWtHRXI3WFBUM24xL3NUWm4yaGR0aVM4akN0Z3piZ2hFelhaN1g5YVRlempnS01IdS95eVI4WXpxUkh3RlUrRnlRZUliL0hBemdCZXFKNzBORnJzNWVJNFFrV0phcHl4UStvY2daTlNFM3YwNkY2eHkxTFJTMkN6U25uR0hFNHB1ZzVTc1Vqd01UYTA2ZVQ1bDNzWHFvalNlZ0N6b2JSajNONWkxVWVyWkd0eWljVDZQNDgzM2wyWmpwU2tzVVZsT3Z3VUtPQy8zQVYvYitzT05Ja1EvWkc4L3JITlZxTjVneHYrdHR0alY4RGZRQlVENGM4S1A5ZGhXaVRqYmNhQT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5580b2d66c302b20927218c0509a9de658975ed243f9e6838aa2f352cb30c1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:42 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1555463
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PdoQB3xQVmlLcTYwQisyOC9xREpNaWloRnJibGVvTU93UmRscjhZZmRVQUFoa292SWtHRXI3WFBUM24xL3NUWm4yaGR0aVM4akN0Z3piZ2hFelhaN1g5YVRlempnS01IdS95eVI4WXpxUkh3RlUrRnlRZUliL0hBemdCZXFKNzBORnJzNWVJNFFrV0phcHl4UStvY2daTlNFM3YwNkY2eHkxTFJTMkN6U25uR0hFNHB1ZzVTc1Vqd01UYTA2ZVQ1bDNzWHFvalNlZ0N6b2JSajNONWkxVWVyWkd0eWljVDZQNDgzM2wyWmpwU2tzVVZsT3Z3VUtPQy8zQVYvYitzT05Ja1EvWkc4L3JITlZxTjVneHYrdHR0alY4RGZRQlVENGM4S1A5ZGhXaVRqYmNhQT18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 497890
content-length: 0
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 0461 35 B
266 B 312ms
102ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:43 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame 0461 0
13 B 205ms
204ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 32ms
26ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 06 Sep 2022 21:00:42 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 502849
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame AC1C
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=M28YvnwrWUxLOVNueFIwTUhiZWhwaE1DN05MNHVjc0xWYWpsdDQ3OXJhWk4vYSt2U3JKQ0VkdXNFYVB2eVZ1eHRSOVBldy9ZNmNUQlhFbU1ReklieHFiTC8wTmxTb3dUbjJFR1RmM3dYOTlzMW9Ja0VyS3A0WkVmZ3RJRz...

401 B
678 B

28ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=M28YvnwrWUxLOVNueFIwTUhiZWhwaE1DN05MNHVjc0xWYWpsdDQ3OXJhWk4vYSt2U3JKQ0VkdXNFYVB2eVZ1eHRSOVBldy9ZNmNUQlhFbU1ReklieHFiTC8wTmxTb3dUbjJFR1RmM3dYOTlzMW9Ja0VyS3A0WkVmZ3RJRzY2cE55Z1BJdzRlQVQ1bjBzU2pCalVHUUpLQmNSYUVXYm5zUFFnU1AxdEpJdE5VbkhBeG5DUEsrbW1JakVHbG1rNkI1WmtveUNGdndONzd2MGliZGkyR1FhMWx1WFNQMUtyT2JWN3ZzY2RxMXBrc3piY1pqRHJhb3V4czdjdW53Yk5FNmpMUzFrNnJqc3hYd0l6SE8xaTdJdzh3SnFaVjFEZ3lSbTF6cjVkMlFpeSt0dWtNND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2fb3d156b348e3680da35c06b4989d95e635b3195745a921a89c2cb9e268b09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:41 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1591526
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Sep 2022 21:00:42 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=M28YvnwrWUxLOVNueFIwTUhiZWhwaE1DN05MNHVjc0xWYWpsdDQ3OXJhWk4vYSt2U3JKQ0VkdXNFYVB2eVZ1eHRSOVBldy9ZNmNUQlhFbU1ReklieHFiTC8wTmxTb3dUbjJFR1RmM3dYOTlzMW9Ja0VyS3A0WkVmZ3RJRzY2cE55Z1BJdzRlQVQ1bjBzU2pCalVHUUpLQmNSYUVXYm5zUFFnU1AxdEpJdE5VbkhBeG5DUEsrbW1JakVHbG1rNkI1WmtveUNGdndONzd2MGliZGkyR1FhMWx1WFNQMUtyT2JWN3ZzY2RxMXBrc3piY1pqRHJhb3V4czdjdW53Yk5FNmpMUzFrNnJqc3hYd0l6SE8xaTdJdzh3SnFaVjFEZ3lSbTF6cjVkMlFpeSt0dWtNND18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 637601
content-length: 0
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame AC1C 35 B
266 B 316ms
110ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 21:00:43 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame AC1C 0
13 B 678ms
677ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:00:42 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 79ms
23ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 06 Sep 2022 21:00:42 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 579468
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 79ms
25ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 06 Sep 2022 21:00:42 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 477236
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 07:57:54	Name: _fbp Value: fb.1.1662498034451.1018877470
.facebook.com/	1970-01-20 07:57:54	Name: fr Value: 0LPoVFMebXTYsS2nu..BjF7T2...1.0.BjF7T2.
.reurl.cc/	1970-01-20 15:24:18	Name: _ga Value: GA1.2.326867546.1662498034
.reurl.cc/	1970-01-20 05:49:44	Name: _gid Value: GA1.2.247661743.1662498034
.reurl.cc/	1970-01-20 05:48:18	Name: _gat Value: 1
.prnasia.com/	1970-01-20 05:48:19	Name: __cf_bm Value: FFAbOysUyXwizYN4U3NXC8cefJohOY7o5JmHHV8Q5_k-1662498038-0-AYVWj0wRk0GY6kn1vuL6dIASOMHsFh4Cs6KwJd6DcfRRg6GQ6cazRSv/L6/38GE1tfC6dikwYgp27kO3zrfHUrc=
.holmesmind.com/	1970-01-20 15:24:18	Name: P Value: 284495-q6y2Up2ur3dAF6NrXDEM9elNYC7Js6Qj
.holmesmind.com/	1970-01-20 06:09:25	Name: Vision Value: 20220907-23:59,20220907-08,20220907-08,20220907-23:59
.holmesmind.com/	1970-01-20 06:09:25	Name: C Value: null
.holmesmind.com/	1970-01-20 08:13:15	Name: RK Value: null
reurl.cc/	1970-01-20 06:31:30	Name: CFFPCKUUID Value: 1845-QQA9esw1KEUX2EOc91s0dbtqnjlTIXhn
.reurl.cc/	1970-01-20 06:31:30	Name: CFFPCKUUIDMAIN Value: 4103-68bADD8u7mCht9qHD5ShamVXN9nkY3jF
.hinet.net/	1970-01-20 15:24:18	Name: uuid Value: 3cf72ec3-ceba-4b4e-b8f6-5b08b680b088
.reurl.cc/	1970-01-20 14:33:54	Name: __htid Value: 3cf72ec3-ceba-4b4e-b8f6-5b08b680b088
.reurl.cc/	1970-01-20 05:49:44	Name: _ht_50ef57 Value: 1
.reurl.cc/	1970-01-20 05:48:21	Name: _ht_em Value: 1
.criteo.com/	1970-01-20 15:09:54	Name: uid Value: a19f6ea7-a879-4416-96f7-419b712d7015
.doubleclick.net/	1970-01-20 15:09:54	Name: IDE Value: AHWqTUm240LbnFjQOxz3p-ovpjQH6Ta8BK3SSETb-C1kJK-v-8z3REEF3-9k9jEKlUw
.holmesmind.com/	1970-01-20 05:49:44	Name: fcm Value: 1
.c.appier.net/	1970-01-20 14:33:54	Name: _auid Value: AZcay6K9AAuc89XX-LQXYw
.reurl.cc/	1970-01-20 05:49:44	Name: _ht_hi Value: 1
.scupio.com/	1970-01-20 05:58:22	Name: fxc Value: 1
.scupio.com/	1970-01-20 14:33:54	Name: OrgKeyValue Value: COA20220907050040508692
.scupio.com/	1970-01-20 14:33:54	Name: gx Value: H4sIAHglGGMA%2fxNmYGDg4uZoOPls55ypHdYCrEIsHPYCTADTQ41ZFwAAAA%3d%3d
.scupio.com/	1970-01-20 05:58:22	Name: gxc Value: 1
.aralego.com/	1970-01-20 14:33:54	Name: gdpr Value: 1
.aralego.com/	1970-01-20 14:33:54	Name: sspid Value: 0cfa2853-b0b0-3ea1-b6ee-498351ca5398
.holmesmind.com/	1970-01-20 06:09:25	Name: R Value: null
.holmesmind.com/	1970-01-20 08:13:15	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 15:24:18	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 15:09:54	Name: cto_bundle Value: H1JoRl8yRGE0YzVDOHZLWWFTaHNsayUyQnFGcTlIQWN1NXY0TFA4UiUyRjNRQmhJQUolMkJoV01maUxxJTJGS2RwRm5BUzdYWkljRzZKVmZQU040bzFRYjNOTCUyRm9hQno5UEVRbGUwSUZaSE1iJTJCc3Nyd1UwSGRlNnFydFU1MVBSUWNqTkdJYTQ5dGk4ZzJoeDBHMFN5TjZWdGM0JTJGcW5IOVJDQSUzRCUzRA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3cf72ec3-ceba-4b4e-b8f6-5b08b680b088.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.yap.yahoo.com
ajax.googleapis.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
ccm.holmesmind.com
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
creditcards.com.tw
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
mma.prnasia.com
mug.criteo.com
pixel-apac.rubiconproject.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
reurl.cc
s.yimg.com
secure-assets.rubiconproject.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
103.132.192.30
104.96.145.246
13.32.99.7
142.250.181.226
162.210.196.208
172.105.203.31
178.250.2.131
178.250.2.146
192.0.77.2
192.0.78.135
192.0.78.236
192.96.200.41
2001:4de0:ac18::1:a:1a
203.75.214.136
210.59.219.175
210.59.219.180
210.59.219.181
23.75.240.210
2600:9000:20eb:2600:0:e06c:e940:93a1
2600:9000:2165:6000:3:1794:2540:93a1
2606:4700::6810:5714
2606:4700::6810:fc04
2a00:1288:110:c204::b000
2a00:1288:f03d:1fa::2000
2a00:1450:4001:809::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c08::9d
2a00:1450:400e:810::200a
2a02:2638::1c
2a02:2638::3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3120::c
34.102.176.152
34.117.219.39
34.95.67.231
34.96.119.68
35.185.130.121
35.186.215.140
35.201.76.93
35.227.249.156
35.244.196.223
35.78.36.205
52.68.234.1
69.173.144.165
69.173.158.64
74.6.138.64
020ebf7103f1411a2ce11ea00558e4f916338f629426b1b210e1e1672920cc06
04431a827a36b70d9174180e526ed0000fee866c9688c4009da71d863d5bb73e
085646791641d04a5d40e50017fd92643f2be5eb4e03b6e250d78dd4d6bdf13f
0baf1cc5a1cdae91830fb8b1bd2688fa266ef5820d8670f9e520ebb629936622
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b360963cee2563b6f93fc397a436c1c5b8ace543f35a9bb76095bd40ceccb2
12bc83cd3d7f1a3dc4371c98bc05d1daaee800370ad2e9219afa7d41550d2de1
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13e489437eb5e0a8fca4eb72a5340a380644bf3f18c90cd93c4dd10a35b0f3ad
1821ca54d1a850d205fe0aef50fe76f12015c5904df8beb2ae6d354037e25a05
1c65d18ea6b840fe917c2fc49fef00b966f10c331085ed02c22c0e0649f5edec
1d1cb0756f08b1c5d1e269276d64eace0e588e5e248b387e2738120c614aed52
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
24ba31ccbfb5709ce541b68a17aa6ff2d015b6a0f9cb1524a8dc14ba3403c442
25355805f44af99037c6b951f9afd762f5fd74eb126aba4b2f82cafa563c0f90
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2dc59097a75277176a58499dc9c118020ec37976f392b96a76704ed444fa2396
2fb3d156b348e3680da35c06b4989d95e635b3195745a921a89c2cb9e268b09d
340e881821542693dbadb77ea7045af2d968ef1c8bfc22fecb320d603492940a
35dbc07a80b96dba368e82dddf30ebe6810402472c60fbadabfc6a6bb663f40b
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d
3b94cf02b3aa5a29d83f458d7178a7f8e12a750ca9780ead6e788902ec91232e
3e43933431911f1fbdfe20691bbbb4c380b33f9d81541c3cbc4e38efe63d3c42
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
4738e641649f59df632ace15e680a11d4fee4e101d94c03058f35a1a68746761
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5580b2d66c302b20927218c0509a9de658975ed243f9e6838aa2f352cb30c1a1
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996
62f41c7f63454005f4800d45e171aae730d3f9c0b3bfa31f33ceb1575cb3196d
649bb51c7988e50a72ba3202a01713b60c3ca192847bc878e1505203418a207c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d02791276478f4c7b71f39b48b3cdc88d45ac95f4bfbcc87a82ac630320cb64
6e842f654a304fd1eece02a5d588d2a998cc87cc65730b04d1e2c916e3a72a10
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
75aa5fc5ab5ca68d3d60dc850c3b5c107f1c1217eacf71d60cb4b835460c04c7
7ae2f5b5d641c02de5d3222990df1b555a4a41f06b0eedac42b7f5e984454769
7c5d11fbf0875efdd16c860964234355c45a684bb5ab12f6120ca86c280dc63a
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e3aebdf717e37cc765a6f4404cde0d200e7b8f62d4e0c9922a318b544979bf5
804dbf1cfb8eff67c2af5b744d54c6d809bc0077b7425463b666410b55629bac
80fb066ee0178b2d2f04d3c47c256b8ce33594095b0344522106e371a0ef3d67
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86181b37d44c5d985f9861c3d0ee2d1d72f8b500ca347877678b5d13468bf088
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f
909b56c47451ef73e3685930dacaf27a007e65b1ab2e46bf2fafa2f8766007cc
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
9478e704767afc0805e5a7d79aec5a4a1d5a2279d3a3418f885b42e234284d8d
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9eaa8e440dc9f4343f2aa648b5cf6aa13cc19ff55854dcc4f4619024e5a26bac
9ee1b5f0991caed05a8149e2e2d86f43a8a0d8600d5c83d2799601714a8af3c6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a5134f687b53b742d80e3b05c9d8c13e22317b41460c75584fa7848906da514c
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
a7d1ad0006cf1950121ad6835c13ef6ed3a5bcb8ad583b3b072d5cd776bc83c9
aa652b82ef5e852e2d5dbcb091e3965350e92cc4a452a81a994a65a4341a0960
ac91914ff217a1e51a8db3171a0f689fd3577d72a5e926b9179b90a694355b87
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7049cdcc87c915c4b9d589c9a2cae164c0125bb09dc416336cc442c8901000e
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b9f6ed295d351ab2c7964cec5a106c7435601603eedd63bff18c196e1a24a3d2
bb245a239cb23804d33118c1beadcaaf64739662cbd49e0b84caa77de1f0d75a
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d
bd215cbd7233a9bfa56a60648a8ff578f2dd671c00f37dc339461a23fcdb2b7d
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c8a55267724f128d063448f68b827b0b47dc605f5ba562bd94a17efb9b650c33
cb0ab8c1bb463aa6686113cc735d51bd33d1f78dd8c303d64e6a9353198610e4
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267
d106b52be51cceb76c964d7b72f98a4e57ecfa07e6c47377adf2e3816c5d94b4
d16e2935563b126b1347159a3a79772be88f57fdbc024abadb0fa9a5f8b05beb
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5c87ead41a855475e029b6138a4ea64e055ca9ed4b526448e84315b12ab6a3c
d769f735969d005643c6e4b85ef0581d32af0f783136a41cf1a6b19a3c0e466e
d79b2fcf1a0aace74fe185f3bf58af9c0ca1dca2a5526507df2e5993a40603cd
dc9c82e22cc8e4786160076e3d7a8401176b9efbfdaef587c55d443edff6eab0
dd30d0f075a407e70420304e4f0e8a8ef44ac10921a62eb091e21c25cee1f915
ddac8b8ea8b6867489f0328aa21226910dd72a57a54d6fa16091dc04ad14f941
dfd14ec11d47d425a905a956ddf6984055ac6aebaede190059458a34b6a35ba3
dfec631d3560c9604ba28d7f90e605a739e00ef6893626b6e785b77346136381
e133dd506d610c95e2491d55127a4f751f2257503c261e4a5f540d740e2083d2
e1e2d72a187975f4e4997055834a0ae712d4831769904eeb5e3b6c8cf160095d
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54e601faee15c866fc80659f34bf9b78048d72901b77795bb0109d4fdabccf7
e6d68e9266b16c730d260aa7d3b6c9cb0631c399e55f25f42a3cbc299b1e178a
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
e9f1877989aeaff609019d3749628c09ce8bc56a1de07d56ae1eb0eedfb5bfc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef589598a2e7f53b2d64dabea0957822a6ee33e921023cafb6b6bd78ff125074
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f641ad0c0e2731c3ab3eaabdfd3699fa311335b36cd38285a4a7e5fd41f8a896
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fcf8cd4b9a00d18c791fd7bc542d66755951b895b73102acfd60056b6b10f03c

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

277 Requests

91 %HTTPS

40 %IPv6

32 Domains

53 Subdomains

50 IPs

11 Countries

6759 kBTransfer

8490 kBSize

31 Cookies

19 Outgoing links

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

91 %
HTTPS

40 %
IPv6

32
Domains

53
Subdomains

50
IPs

11
Countries

6759 kB
Transfer

8490 kB
Size

31
Cookies

277 HTTP transactions
2 data transactions