reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/
Effective URL:
https://reurl.cc/main/tw
Submission: On June 21 via manual (June 21st 2023, 11:52:56 pm UTC) from US — Scanned from DE

Summary HTTP 359 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 73 IPs in 8 countries across 58 domains to perform 359 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 231147.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
7	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	34.149.98.30 34.149.98.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.129.55 151.101.129.55	54113 (FASTLY) (FASTLY)
28	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
16	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1 1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
28	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:de00:a:e047:753:be1	() ()
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
30	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f13... 2a03:2880:f13d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
30	2600:9000:225... 2600:9000:225b:c600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	18.173.154.44 18.173.154.44	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:fd04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.25 192.0.78.25	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.160.81.203 34.160.81.203	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:205... 2600:9000:2057:a200:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	18.173.154.80 18.173.154.80	16509 (AMAZON-02) (AMAZON-02)
8	18.176.174.178 18.176.174.178	16509 (AMAZON-02) (AMAZON-02)
4	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:9000:20c... 2600:9000:20c3:ae00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.17 99.84.88.17	16509 (AMAZON-02) (AMAZON-02)
4	52.193.181.52 52.193.181.52	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.34 108.138.36.34	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
5 15	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
2	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 4	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
4	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.96.203.13 192.96.203.13	() ()
2 2	23.56.202.187 23.56.202.187	() ()
4	23.37.42.132 23.37.42.132	() ()
2	69.173.144.139 69.173.144.139	() ()
1	2a00:1450:400... 2a00:1450:4001:830::200a	() ()
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	() ()
1 1	151.101.130.49 151.101.130.49	() ()
2 2	34.91.62.186 34.91.62.186	() ()
1	52.223.40.198 52.223.40.198	() ()
2 4	104.75.89.75 104.75.89.75	() ()
2 2	185.89.210.153 185.89.210.153	() ()
4 4	3.120.51.52 3.120.51.52	() ()
1	2600:1901:0:7... 2600:1901:0:76b9::	() ()
8	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
1 1	185.29.132.241 185.29.132.241	() ()
2 2	185.80.39.216 185.80.39.216	() ()
1	185.86.138.153 185.86.138.153	() ()
1 2	51.75.86.98 51.75.86.98	() ()
1	2606:4700:20:... 2606:4700:20::681a:61b	() ()
2	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
1	3.11.176.98 3.11.176.98	() ()
359	73

9 35.185.130.121 (Taipei, Taiwan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-fra3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:de00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f13d:83:face:b00c:0:25de (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:225b:c600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-44.muc50.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fd04 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.81.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.81.160.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a200:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-80.muc50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.176.174.178 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20c3:ae00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-17.muc50.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.193.181.52 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-181-52.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-34.muc50.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.34 (Houzhuangzi, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.105.235.90 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.210.196.208 (Ashburn, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.96.203.13 (None, )

ASN- ()

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (None, ) 2 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (None, ) 1 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (None, ) 2 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (None, ) 2 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.120.51.52 (None, ) 4 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (None, )

ASN- ()

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:bd1 (None, )

ASN- ()

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.176.98 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 149717 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 157447 fcm.holmesmind.com — Cisco Umbrella Rank: 175417 c.holmesmind.com — Cisco Umbrella Rank: 116521 adcdn.holmesmind.com — Cisco Umbrella Rank: 163939 ad.holmesmind.com — Cisco Umbrella Rank: 121305 m.holmesmind.com — Cisco Umbrella Rank: 303135	258 KB
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com 799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com	465 KB
45	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	872 KB
26	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 659 scontent-fra3-2.xx.fbcdn.net — Cisco Umbrella Rank: 13045 scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 12530	589 KB
20	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	86 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com Failed	691 KB
16	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 73284 c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net	17 KB
13	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 bidder.criteo.com — Cisco Umbrella Rank: 742	22 KB
12	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 44047 gocm.c.appier.net — Cisco Umbrella Rank: 2634	3 KB
12	reurl.cc 2 redirects reurl.cc — Cisco Umbrella Rank: 231147 storage.reurl.cc	158 KB
10	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	141 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	23 KB
8	aralego.com 2 redirects ads.aralego.com — Cisco Umbrella Rank: 29258 sync.aralego.com	5 KB
7	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	97 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	130 KB
6	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13297	82 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	52 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	279 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832 www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	teads.tv 2 redirects sync.teads.tv	899 B
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 36431 go.trvdp.com — Cisco Umbrella Rank: 32478 s.trvdp.com — Cisco Umbrella Rank: 34089	145 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387	668 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	92 KB
2	onetag-sys.com 1 redirects onetag-sys.com	487 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	simpli.fi 2 redirects um.simpli.fi	1 KB
2	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18939	341 B
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 81827	4 KB
2	re-news.tw storage.re-news.tw re-news.tw	32 KB
1	webgains.com track.webgains.com	2 KB
1	smartadserver.com ssbsync.smartadserver.com	75 B
1	mathtag.com 1 redirects sync.mathtag.com	728 B
1	adsrvr.org match.adsrvr.org	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	541 B
1	quantserve.com cms.quantserve.com	465 B
1	googleapis.com fonts.googleapis.com	1 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 20501	717 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 28670	2 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3755	488 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5422	332 KB
1	rayskyinvest.com www.rayskyinvest.com	31 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	creditcards.com.tw creditcards.com.tw	81 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 728019	19 KB
1	gbyhn.com.tw img.gbyhn.com.tw	129 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4835	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	600 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 11992	729 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	85 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 17979	31 KB
0	webgains.team Failed cdn.track.production.webgains.team Failed
0	webgains.io Failed analytics.webgains.io Failed
359	58

	Domain	Requested by
30	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
28	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
27	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net www.googletagservices.com ads.aralego.com cdn.aralego.net
24	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com reurl.cc
15	cm.g.doubleclick.net	5 redirects 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
14	www.google.com	reurl.cc www.gstatic.com www.google.com tpc.googlesyndication.com 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
13	t.ssp.hinet.net	reurl.cc cdn.holmesmind.com t.ssp.hinet.net
10	www.gstatic.com	www.google.com www.gstatic.com 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
9	reurl.cc	2 redirects reurl.cc
8	ad2.apx.appier.net	4 redirects
8	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
7	fonts.gstatic.com	www.google.com reurl.cc fonts.googleapis.com
7	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc static.criteo.net
7	cdn.jsdelivr.net	reurl.cc securepubads.g.doubleclick.net
6	cdn.aralego.net	reurl.cc ads.aralego.com
6	c.holmesmind.com	2 redirects cdn.holmesmind.com
6	gum.criteo.com	3 redirects static.criteo.net
6	www.facebook.com	reurl.cc static.xx.fbcdn.net
6	adservice.google.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com reurl.cc
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	reurl.cc as.ad4m.at ad4m.at
4	x.bidswitch.net	4 redirects
4	sync.teads.tv	2 redirects a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
4	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
4	sync.aralego.com	ads.aralego.com
4	ads.aralego.com	2 redirects ads.aralego.com
4	bidder.criteo.com	static.criteo.net
4	gocm.c.appier.net	4 redirects
4	ad.holmesmind.com	cdn.holmesmind.com
4	adcdn.holmesmind.com	cdn.holmesmind.com
4	fcm.holmesmind.com	cdn.holmesmind.com
3	c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net	reurl.cc
3	mug.criteo.com	reurl.cc
3	www.google-analytics.com	reurl.cc www.google-analytics.com
3	connect.facebook.net	reurl.cc connect.facebook.net
3	storage.reurl.cc	reurl.cc
2	assets.ad4m.at	as.ad4m.at
2	onetag-sys.com	1 redirects a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	secure.adnxs.com	2 redirects
2	um.simpli.fi	2 redirects
2	a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	token.rubiconproject.com	eus.rubiconproject.com
2	90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	secure-assets.rubiconproject.com	2 redirects
2	prebid-asia.creativecdn.com	cdn.holmesmind.com
2	prebid.scupio.com	cdn.holmesmind.com
2	m.holmesmind.com	cdn.holmesmind.com
2	oajs.openx.net	1 redirects reurl.cc
2	region1.google-analytics.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	track.webgains.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ssbsync.smartadserver.com	a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	prod-rtb.ad4mat.net	reurl.cc
1	match.adsrvr.org	90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
1	fonts.googleapis.com	90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
1	799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	creditcards.com.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	re-news.tw	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.google.de	reurl.cc
1	scontent-fra3-1.xx.fbcdn.net	www.facebook.com
1	scontent-fra3-2.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	storage.re-news.tw	reurl.cc
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
0	csi.gstatic.com Failed	securepubads.g.doubleclick.net
0	cdn.track.production.webgains.team Failed	as.ad4m.at
0	analytics.webgains.io Failed	track.webgains.com
359	94

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
shop.stock499.com
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-06-21` - `2023-09-19`	3 months	crt.sh
anymind360.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-31` - `2023-06-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
re-news.tw R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.prnasia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
tls.automattic.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 63 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: CF5952EE48DF14A1553FECF301210128
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 3F67D7DD9A220B95ADB74DE28507EDB6
Requests: 1 HTTP requests in this frame

Frame: https://3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90CCFEC9464242B0675539CB2C3C507F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1687391569&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687391569010&bpp=3&bdt=424&idt=158&shv=r20230620&mjsv=m202306160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4220742296030&frm=20&pv=2&ga_vid=1138288519.1687391569&ga_sid=1687391569&ga_hid=625014394&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075412%2C31075467%2C44788442&oid=2&pvsid=901328187611937&tmod=1541360663&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: 075F6D5939266F170690CAC5BFF5A135
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 68BF0E6CA4B99EB63CC09F04D84A47A0
Requests: 33 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 07609E13B7E78F6DBEA3CF62DE7ADF6C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=xplssmr8teip
Frame ID: E7F05C60161D5E89198F8A8F2933B0ED
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-KWIzHvQinNP50ikEbI28j7vDfYwstdEuzhwYO99ErJRxr2k0JRy4zt8UaNCLjXQZlElc_sAcm27e0IJQptlG5lmypRHDqw2jTuy3X0Y2X1IJg0J_GGaSIo1wRDUf05y5zsRs9V2Ln4UHc4d4YN4tcKMc9xIiNAIp33teFZf04gSmFjTeWwgb061e1mFrD_Tzy-JYHRqL1LKExg_z_cViWs8XTH2SoHGptfa544bNl3a5vVTd-YjBXawsoAp11h6Xh7wDUtd6C4elEs8YKjoebjKWl6sdPrmadmvwiLwk-SdWuN6nmKNImqAd_pBO63r_DgNw3akzwj4tz1uyEKFhDgSpDGQ2U3T11g&sai=AMfl-YS_8kNLHb1Jvtgx9JMcyBigs8L9s4AdU-cEK8Mniii7GvWpZfBTBxFbBi8kuO96WtnZVZsh-if72h0H1B9-zinlvSTSfV7U5Z-RCQ7SjF60Y8CZk3k_HryZFqW6Q7wmUaXai5Eor4Z72gXCxuk&sig=Cg0ArKJSzFi84PpjIypLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A39369565ABCF99D88962DBEF4353FC5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGoxvPhLEvVMzREHCI5EYs3ppGPQCjMhM3Vf9vVN__-B0kq1XBjEnZ59mKne0IjtLdXt34CFoV8bTgEt_1kZYBIEp-rEZ_OTEIVbXxONCkyPtCtZ2ZOoAxhlLb0d9c83BTiLGUOMbNb2oYBNkHB6k094eIOdeUeC1SSpZZwdIphwPjInzHR6IbU5WnfByJOMm1bBg51CaYsDOjW9tTcbmHk66b49RG7zAuMDddl-vjDbkWZWIoca1hKDXi2P2i82Xvg6-OJjJx--cudbKIl93fb5fTznmk7owEu-8oCCs6xsx7VTw07Mq0_07nNesjty_PjJgjJKTsGGofUQtj0G8xECVp3zKR0basbg&sai=AMfl-YThP2UzymDWsuz5vgClXoXFhp_kzTB-IGGdmQzK6ZSj3rkOHq3yN8DaVkDfdZAqGPDrlkcmOp_4-ZIORewxtAFzwCS87Io92iYBzFp78OkDsmOeIiQVu1tBmziX2SN3tAySi6z9TL5MP3aVonY&sig=Cg0ArKJSzKa38rPdGUVVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 40FB86E05D4BFAF146BF8310840B2BAA
Requests: 7 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 887A0383202D42590A4E06BCD7431B9D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurdJY4Zs2xZmBBWxtDpyYv8DNpEh1uGu_3n_7g8aTcrDtG4AwCbriADtyhvKd-EWd-Fg-gUldQyjyo5n-nOjaxszDZb-EHnqLq0csy9Drhg4cOZcC5MYnf9GmQuKXHreiVkMqcCADDhFlOItIldqR_SAlTxx2XXPsUbE5EPk7XfDkeMFZa--qvmLU96XYZg1JgOwbo3O2yXVmlYMel-jEqtcw8jP4LzhxndQ6Sxxtnhj-K0swyg2LG6Pjzgym1iv2GdlKEihTWC9Rd1d7VdJt2F_A5QXbSCjs3fgcDTpopAPqHGR21BIrPbWm_a4K8hXIRBPxcHbCYwBOnKQUZjzvccTNfI3H0IQ&sai=AMfl-YS9o7c9FObr-J8BhLrsw56_uxaHwVj18nAWuc8cWUU4oXwFW3YosrdBTsmGVNU7BBnktKzqKP-DfQIEXM7lFjvWxoOvOzN6zm3dCMM0Dubmdnyrw2stfsFaidk3sw&sig=Cg0ArKJSzDRZWDxzhDk0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 39A607F6410A5B9EA25C445759A696D5
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 287DF9C0C9079EBFB7EF6C1A546D9D3D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 09E88376F56AD398BEEC45577B4FA53C
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: B71D5E4228330ACEBC45E2F78D755F6C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 1DF2B9DFB26A42E1784E307E585B646D
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: D6383D7BDE7B93334B1EC76BB40B22FA
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 0CAA2CC90D2727B3DB68F9338E5FEB5D
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 4D247E6A78E439F15D1C0F625F8AC441
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F3500B5E519070F564253B08F76B936E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
Frame ID: A22F60C32524D1A3A7189E64B178FD2E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 8EA01EC0291C210D6A7447BFEADB10DB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 212AC1423EA1A25D47597B42AFA27519
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Frame ID: E5E9814E589890FE6099F868DDD4433E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B152355E1C5A18C49AFE3A487727A6BD
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Frame ID: F72D09B6BBC1A6911AC1BDE1711B702A
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: E74DFE4CA3C64BE3FF5AAF747A742752
Requests: 21 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 21FEAFB8C6F921891FEAFBFC29E8EFC2
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 73A57E58065F9CF9191B09F6036D90C1
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 0A5933C46390AC89D18BCCE60F4C69C6
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1B0A64B2E161791CC5B4DE9E71E11F4E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: BA5EB418C54378E6E84B5FCF99B91401
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: E8C69780A4099A21022A0336C8C05B21
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: CD68C7FF57CABFEEDABC51745F72AC59
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F8F3B9A980B73C7098E25BBA912E188
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FFEC69AF1A5E2E4567405E480BA4EE8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 16C1AC317921A9D6B76FDC159F94BEAC
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: FD5884BA89F500E29B83FEB6E91D0F93
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8832FECD58A6D7FD71B7461E21563B3C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: DD31F1AB1E3508D54A0DE32518FEE6D9
Requests: 3 HTTP requests in this frame

Frame: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 20C903D3038FE2E4B892699DEFDFD620
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2A1657F2713AB24FE1F82F3308158A38
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1E9A2331450FDC5CFBF6D62C476CE8AD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26BA574B9B4BEAA5328EFB7CF8FFD910
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84A0FB3DE567B9C6730816F78E8EC436
Requests: 2 HTTP requests in this frame

Frame: https://f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: C3EFCA616D92C9E94F59CA9A279C4E72
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C5C2569470202499D82A024ACB4010DC
Requests: 7 HTTP requests in this frame

Frame: https://799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 5352BD6400FE2084E0BEE1BA7B680640
Requests: 1 HTTP requests in this frame

Frame: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: C2D608A3EC30415AFB66C681011BB5A5
Requests: 1 HTTP requests in this frame

Frame: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 820C3EB976055BED8983BBC4A4AE2BFF
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E1649C7EB968E434D15D6635EDAC2DA0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2549BFD8B083A6AEAC5F7B4CABB021C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8ABC018354741515BF749BA50C17A890
Requests: 9 HTTP requests in this frame

Frame: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: C23A9FFCD267DFDD0CCBB80D20FACFA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4FC6A377222F8F523A5B10934A1FFE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58C1D16056599DBBBF0C468FE028EE6D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7WgNV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoE_gFP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarE6LWv4r-gRJ0aFS_P05ZIZsc1_iKSfOIm0lA9J7Stpc9p44rfD-eAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=sk9m4WpjlgI&uach_m=[UACH]&cid=CAQSOwBygQiDRgiz9SDvckM1m2ihnEf3KsbbM2Co9yAEUV0zrfubE51s1MlxWUGQl2GuJZ4ZjbDS4ow4LVJGGAE
Frame ID: C1B5D50D2BB03BA6D5016741B263735A
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 1CB42EA89E67F456B194B7E3DEE3D338
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54E9389A628C82FA67BBA8C64ED319E5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E06225491CDAA026396B63C7A30A8286
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A1DC32754496D31A6F01669D7F33182
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: 7BCE247334AD41DA1971486D39D83943
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 526522201B2AA391C1308F291CD7540C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Frame ID: 6485BD9B3B2F2DD8D039219F9D3D663F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

359
Requests

92 %
HTTPS

44 %
IPv6

58
Domains

94
Subdomains

73
IPs

8
Countries

5664 kB
Transfer

13274 kB
Size

36
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: 縮圖片

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/zh-hants
Title: 下載youtube

Search URL Search Domain Scan URL

URL: https://shop.stock499.com/499?utm_source=reurl&utm_medium=banner&utm_campaign=stock499_300x250_3.png

Search URL Search Domain Scan URL

URL: https://shop.stock499.com/499?utm_source=reurl&utm_medium=banner&utm_campaign=stock499_720x90_3.png

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: 什麼是utm?

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/49455

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/41272

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4133519_XG33519_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/262247

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/98223

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/643372f4ae3afc3372568f7b

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/151

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/14027

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 45

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1

Request Chain 69

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YhTO-3xPTXdEOXp5bXBtNnRWaHA3eTMrR2pjS2duSjlWOUFnaU5hSHFQN1NZS09rT0x6UW0zVk1ua3JLajVXUnF6OWdHZDNkMUl2SVRqVTJZTVArQjB3TGU0TjIrS0xFTVYya2krei9MK0NlUHR4MTM3L0U5UEFRYUpPWCt5NGt2alE0OGxOc1BPaTVtK0lrU0dBVHRqYllzOVhaYWttaVcrKy9iRG9hSENOZ0xvYjYxSFpOSWt5QmVpNTdzL3k3Y0N2M1NuQmdwTTdJQVNZT2p5SzB1b3d4WlRuN0FVenNZSDVRSEFlYjU2K1puRnZ2VTV1alhYbDNtT3dZSUI4bE1LRGNXVkhrYmJ0MnY4UExOMS9rMm5UelI5dz09fA&cppv=2

Request Chain 118

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 120

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1

Request Chain 192

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=D9KENXFuD2iVjQDTVY2TZA

Request Chain 193

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=1LL3wZBMCyWWwOSQVY2TZA

Request Chain 205

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=FkpGNgfKABWoY7fHVY2TZA

Request Chain 206

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=MD2NX4uJDUC-jGokVY2TZA

Request Chain 226

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=n_eAvl9BUE4zdEdGclo1MTk5RHg0ZWNuRkJBdUxzWHlQM0dxVkwxRFVZTE1OSWdYYm9Ec2tqZ2dOdXdmWWg5Z1MlMkJpb29MSm16Smx2M01FWjFNTmw2c1BOJTJGRyUyRkdEOWphNWJpOW1lVWdPJTJGZXQ4RkFFcVBzb0IyTXBGUmdiZm94TU9BZyUyQmd3ZmlvRm5kc292bFpBZSUyQm55Z1l2dXclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wdHCUHxHSzJKSTVkdnk5YkFqWjh5T1R0b1UzMXVMblFWb3VLVThjNndHbnZueCtvTlBoT3VDc24rZ09YbHlzL2xmM3MxOTVZd0VaeGhhZTdnb1ppc0MzRHBhZGxZZWxNUUp1NHBqTnUwSEszdmxmbXRCK3ViaFNxdzRGQVVtRTdQZUx0NzFyZ0Ewaks0azJBMUVvanNvUlNDSGE2V1VKZXNkUHk3R3BNUjNYWEtBZjhiQ1FPSDhJaVREeGN1TEM4OFZtNXVBNW0wSldGQm9wb3AzcTBYcCthcWlBUU5YYmFpSi96U3VSZEkybzIyMkVMMUxPYk4rSFFsYnBVeHJPM1E5WTFCVzB5REI3RktKYk44NVVXZUJiSHMxQ1Ztdi9qVllHd2JKeEdDYTFtNXBTdz18&cppv=2

Request Chain 227

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 228

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=n_eAvl9BUE4zdEdGclo1MTk5RHg0ZWNuRkJBdUxzWHlQM0dxVkwxRFVZTE1OSWdYYm9Ec2tqZ2dOdXdmWWg5Z1MlMkJpb29MSm16Smx2M01FWjFNTmw2c1BOJTJGRyUyRkdEOWphNWJpOW1lVWdPJTJGZXQ4RkFFcVBzb0IyTXBGUmdiZm94TU9BZyUyQmd3ZmlvRm5kc292bFpBZSUyQm55Z1l2dXclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sVGXH3xNWHN2VVYwQjNDZWlqQTVaRGtzTnVhUHBQYW9HbDNUNWVWbWw4WFpYWHdvS3BYK3FZYWFKL1RiMlFpMmpxT0RldzZ5YzlBVjdrS3JNNXNhak43T0Rya1JmK2tzWWxUbURqQ1lXR2FMb3JTU0tsUzJvMXhxdkdtc0poRHUzdld2Y3RWbGxMUGoxdlQ4b25CUENFbG9iTUdFM3I4bjRHeUtHcEVLNFlJSHcrenFYVWhhcnorMWZWdlFHdVlRL1ZCVWcxWmppM3RrT1hZRS92VXNkM2xDQVZxK0c5QzR6UGhMYmJmNWw0cEt5czBCVHJCSTZ2SWxTTk1jcUtyMmttczk0bmdOWmYrSTdWeXcveWVLU0U0bkZZQT09fA&cppv=2

Request Chain 235

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 248

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 259

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 309

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEL_UsDi31DNX3MrWTuh712Q&google_cver=1&google_push=ATf1kGMzHoI5c8vKfpCWesDc5kNmhs_7cKzb2y3JEEO3TKBPz6mOivcUv3ETAHO5M8Ba8qmur2IUvqAVCFzxV2z5rD7XRIgKhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL_UsDi31DNX3MrWTuh712Q&google_push=ATf1kGMzHoI5c8vKfpCWesDc5kNmhs_7cKzb2y3JEEO3TKBPz6mOivcUv3ETAHO5M8Ba8qmur2IUvqAVCFzxV2z5rD7XRIgKhw

Request Chain 310

https://um.simpli.fi/gp_match?google_gid=CAESEESrX7ZGl9UyE0T2kv1o_m8&google_cver=1&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcjC1mDSlVDK8tQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8214D880E4AE426E9A15AEF150EFB89E&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcjC1mDSlVDK8tQ

Request Chain 312

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELRitn9AwGxBWjtuVUZCJDM&google_cver=1&google_push=ATf1kGNN2QsauDsX6A0eup3B6kbL4jkYxLmKu_Z10x8xvdolc3q-GmnWiHKFTCO8nww1hqMUSKEhW1RrBDAH1kBI5BEXmEoaIp8Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNN2QsauDsX6A0eup3B6kbL4jkYxLmKu_Z10x8xvdolc3q-GmnWiHKFTCO8nww1hqMUSKEhW1RrBDAH1kBI5BEXmEoaIp8Y HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 313

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gBbWa-91zZRfGwlu2ZSKuxlE9S4MyvWhNX8TmU_uw2w0yVP7Z_VgGlo-Vvij6C2zSOkA HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGOHvqi44wu0IjEsLPSPJeY%26google_cver%3D1%26google_push%3DATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gBbWa-91zZRfGwlu2ZSKuxlE9S4MyvWhNX8TmU_uw2w0yVP7Z_VgGlo-Vvij6C2zSOkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDAxMjUwODI5MzA0MzE4NjMwMw%3D%3D&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gBbWa-91zZRfGwlu2ZSKuxlE9S4MyvWhNX8TmU_uw2w0yVP7Z_VgGlo-Vvij6C2zSOkA

Request Chain 314

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88OJPXPgFqgkQzArY&google_cver=1&google_push=ATf1kGMxEeTEasak9Un0TiO6DCQzlda8vqUC0uc5uEukB3ehG8x4ZB1GKyz388iSPDfIi0mIU02QpsELXRCRwjDJK7vY9ZGj5pU HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88OJPXPgFqgkQzArY&google_cver=1&google_push=ATf1kGMxEeTEasak9Un0TiO6DCQzlda8vqUC0uc5uEukB3ehG8x4ZB1GKyz388iSPDfIi0mIU02QpsELXRCRwjDJK7vY9ZGj5pU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

Request Chain 331

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKVbMNJsWzalt0Kek75miBg&google_cver=1&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1NDHymC9QhLM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1NDHymC9QhLM

Request Chain 332

https://um.simpli.fi/gp_match?google_gid=CAESEESrX7ZGl9UyE0T2kv1o_m8&google_cver=1&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqPRDdEGjFLsFAI- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A33D6510709842E5AAE96B11ADD046C8&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqPRDdEGjFLsFAI-

Request Chain 333

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_cver=1&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK6AHb7lkY7TCYTky-AuZwQvaTrtRWiR8pR-Z8El-9iozB8HM2aVoT9yZKCgt0x4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK6AHb7lkY7TCYTky-AuZwQvaTrtRWiR8pR-Z8El-9iozB8HM2aVoT9yZKCgt0x4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_hm=ZJONV0Ow6a_o3aco72DGTAAADFoAAAIB&google_nid=index&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK6AHb7lkY7TCYTky-AuZwQvaTrtRWiR8pR-Z8El-9iozB8HM2aVoT9yZKCgt0x4

Request Chain 335

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPhFyq65bvwPpCuXRBmF1qY&google_cver=1&google_push=ATf1kGM2mRvXw-1VIbQQmvrqK-jeKGgjuMwlS-hsc4rSTdPXYEOrH48o3xGE6pXo_ehGniQ05g5p8HddUMxwzZzyv3lbqpC-BJtV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM2mRvXw-1VIbQQmvrqK-jeKGgjuMwlS-hsc4rSTdPXYEOrH48o3xGE6pXo_ehGniQ05g5p8HddUMxwzZzyv3lbqpC-BJtV HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 336

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELRitn9AwGxBWjtuVUZCJDM&google_cver=1&google_push=ATf1kGPZ0L3b4k0QxkGWcE6ISEQcZwMK_7lrQPW-a_tUQtFvMDUWfihsBfZbJ9sJLvWrIrKA2j9PSnwwgn_wPHkBpW6g9ezBgmD4JQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPZ0L3b4k0QxkGWcE6ISEQcZwMK_7lrQPW-a_tUQtFvMDUWfihsBfZbJ9sJLvWrIrKA2j9PSnwwgn_wPHkBpW6g9ezBgmD4JQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 337

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88OJPXPgFqgkQzArY&google_cver=1&google_push=ATf1kGPWsvTWnP5dtZ2o_IMmEtRa2sL_xBQ4dQZKbp8J0OsPZSGHDX0mpFJdEz9EsbynBClkzTJKUzfHYZ3mBfDR7aoOCee3JzFKnA HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88OJPXPgFqgkQzArY&google_cver=1&google_push=ATf1kGPWsvTWnP5dtZ2o_IMmEtRa2sL_xBQ4dQZKbp8J0OsPZSGHDX0mpFJdEz9EsbynBClkzTJKUzfHYZ3mBfDR7aoOCee3JzFKnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

359 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tw Show response
reurl.cc/main/
Redirect Chain

http://reurl.cc/
https://reurl.cc/
https://reurl.cc/main/tw

15 KB
5 KB

263ms
263ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c0b077eea50c9e0b054c57ca0b4816e6b0bc28e333089a29ad4158f7de4c9f45

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:48 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 23:52:48 GMT
location: /main/tw
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 68ms
19ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4401274
x-jsd-version: 4.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-etou8220048-FRA
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 79ms
22ms Stylesheet
text/css 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:20:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 23546
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 918

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 124 KB
31 KB 212ms
22ms Script
application/javascript 151.101.129.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Tue, 20 Jun 2023 18:42:42 GMT
date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 105006
x-guploader-uploadid: ADPycduNbFjjiPTqR9PEDiRWFkkT2_XrTpXPPYN4bYu-XEgMImQUUtHZriG8h-o-4h6BAlOFsPEg9YJCK0IBbCfEKEBymA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31540
x-served-by: cache-tyo11954-TYO, cache-fra-eddf8230084-FRA
last-modified: Thu, 20 Apr 2023 06:30:15 GMT
server: UploadServer
x-timer: S1687391569.785276,VS0,VE1
etag: "952e4c8d56156d3e3cc5e40a9b199ed2"
vary: Accept-Encoding
x-goog-generation: 1681972215759031
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=h0V3+Q==, md5=lS5MjVYVbT48xeQKmxme0g==
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 31540
accept-ranges: bytes
x-cache-hits: 637, 1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
46 KB 96ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

757df19f9f00e3c358e6f9b89ffdd2d462557810471182a4ae656c5d2aa378cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47089
x-xss-protection: 0
server: cafe
etag: 11819721935730944146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:48 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 429 B
524 B 262ms
262ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-1ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 986ms
249ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
85 KB 89ms
38ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54599319e06f10619877473e0d5fa1247333e265ef38776ec8f00560d0dceba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 23:52:48 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

23ms
22ms

Script
application/javascript

2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6188294
x-jsd-version: 1.7.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3571
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: version
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

date: Wed, 21 Jun 2023 23:52:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 864
age: 14446
x-cache: MISS, HIT
cdn-cachedat: 06/21/2023 23:52:49
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
x-served-by: cache-fra-eddf8230071-FRA, cache-chi-kigq8000171-CHI
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 1b26996c27f8c35add7732eff97b49cc
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 73ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8084299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4224
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3afuyFr3kGsNO8lmUKjiRliWOGF0arqq4dLSpoYQGdmQ1Gb8LKvPuGyIh7j7b8dDTls54QuG4DJLxnyPY0boSHpZj6T7cZwqD5uBpC17VcgmFw0IIh%2F69iCWVqfv%2BHgOSmP79pZ3WkuHuZvsKsIzrin9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7db02ad9a9379b58-FRA
expires: Mon, 10 Jun 2024 23:52:48 GMT

GET
H3 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 66 KB
19 KB 39ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40947
x-jsd-version: 9.17.4
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18790
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: version
etag: W/"1080d-uB5K/9b4efMtYCfkBM9HcldmPDk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 4 KB
2 KB 519ms
517ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-efa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 108ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c848867b9c9f41b3b680d67b4f6b1bb3b07bc4efda44e4e43a0f48c98b3fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48244
x-xss-protection: 0
server: cafe
etag: 12333135122806937636
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 103ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed43f477b638a5b66000d5ac48b187ea28c499c62a233e7bc7aba1fb6b9567e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26701
x-xss-protection: 0
server: cafe
etag: 134 / 19529 / 31075546 / config-hash: 4269681316764798759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:48 GMT

GET
H2 200 stock499_300x250_3.png
storage.reurl.cc/images/ 70 KB
71 KB 288ms
286ms Image
image/png 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.reurl.cc/images/stock499_300x250_3.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 29e4e16d3198163f2b0c956fa4eeac49bd6df01a3086a7b2b48883d8e86837b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:42:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 14 Jun 2023 14:59:26 GMT
age: 615
vary: Accept-Encoding
content-type: image/png; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72121

GET
H2 200 stock499_720x90_3.png
storage.reurl.cc/images/ 68 KB
69 KB 324ms
322ms Image
image/png 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.reurl.cc/images/stock499_720x90_3.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9919bdcf392ccc6c02a6b13de955e3b72224855c5e2e755b81cee22bef8058bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 14 Jun 2023 14:59:26 GMT
vary: Accept-Encoding
content-type: image/png; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
32 KB 20ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 433342
x-jsd-version: 3.4.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32472
x-served-by: cache-fra-etou8220048-FRA
x-jsd-version-type: version
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
17 KB 21ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 154724
x-jsd-version: 4.4.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17008
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: version
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 20ms
20ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 577875
x-jsd-version: 2.5.16
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 262ms
261ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-46e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
875 B 82ms
30ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20a78167d8c88d7e1d3917f78d9e664a4693b384f294fbaa496283f7656c7dce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 21 Jun 2023 23:52:48 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 3 KB
1 KB 265ms
260ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=15
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Sat, 01 Oct 2022 01:29:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"633797fc-bce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 412 B
493 B 264ms
261ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-19c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 536 B
550 B 264ms
262ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:48 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-218"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Thu, 20 Jun 2024 23:52:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 88ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 23:52:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28296
x-xss-protection: 0
pragma: public
x-fb-debug: d1DrIqI6bDMSY+PEiplwnBk5Swmby3tX/wRLk6+42JnQgyMZZRmfPhx49c5d3GRX/SQniBNx9/y/t+an+K742w==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86e28e0666f518e6ca5a7bae09bde3ae6c88e74f7be7e6b61de7b30f33bbb964

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 23:52:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42852
x-xss-protection: 0
pragma: public
x-fb-debug: H17bGkQvycckty19umzQMtr6netjrOY0rJ7RUW8AoTUhiaXNZ2C8f2YHawVHgsD5lUkGL5rpFKWaIDDlG2NBzQ==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 393 KB
125 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47803
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 10:36:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160101/ 352 KB
118 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc&bust=31075467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3a8ee1e9514affafdb69f1d7bf89b4762af1ddd13113ff3ef77113f3de0f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120819
x-xss-protection: 0
server: cafe
etag: 3032149255224754485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 3F67 10 KB
5 KB 71ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9999486404371312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:09:33 GMT
etag: 15057649708203361565
expires: Wed, 05 Jul 2023 23:09:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 80ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je36e2&_p=625014394&cid=1138288519.1687391569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687391569&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 23:52:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-xss-protection: 0
pragma: public
x-fb-debug: xXLXeQ89s8VGD+nUH5N/SodC2nGjwp7iIBISpSBPRiAr02+Umt3tEASYs3xFfoaAkm0D1/IvZ5fcrkHzJRvgpw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 104ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 67ms
20ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:24:20 GMT
content-encoding: gzip
age: 386909
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 16 Jun 2024 12:24:20 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
795 B 22ms
21ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1986
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 99ms
21ms Script
text/javascript 2600:9000:2250:de00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:de00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 21 Jun 2023 05:58:55 GMT
Via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 64435
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: _E8GeWBGeijIqrE1WbZfRoiAHlB1L7cM23J9Hz6uynHoTnI-Qr9dZQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 166ms
66ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 23:52:49 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
13 KB 341ms
340ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=901328187611937&correlator=372205839438373&eid=31075026%2C31075546%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13858%2C13860&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&ifi=2&adks=2988576075%2C3475397127&sfv=1-0-40&cust_params=url%3D%252Fmain%252Ftw%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1687391569128&lmt=1687391569&dlt=1687391568586&idt=510&adxs=245%2C815&adys=460%2C460&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=20&vis=1&psz=570x250%7C570x250&msz=540x250%7C540x250&fws=0%2C0&ohw=0%2C0&ga_vid=1138288519.1687391569&ga_sid=1687391569&ga_hid=625014394&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY4YmAg44xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOGJgIOOMUgAUgIIZBIUCgVvcGVueBjgiYCDjjFIAFICCGQSGQoKdWlkYXBpLmNvbRjhiYCDjjFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8832a0ab9fbedbc095db1673eb945964f6ea6185f665c210130e38a757a5a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13242
x-xss-protection: 0
google-lineitem-id: 6298577756,6295930452
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138432370208,138433089508
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90CC 6 KB
3 KB 127ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:49 GMT
expires: Thu, 20 Jun 2024 23:52:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 90ms
28ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-9999486404371312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9999486404371312&plah=reurl.cc&bust=31075467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

866fc88eb099deb7389ec3373dac9b521c5c3e03afdde0b1c4bbe607e61ee2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 075F 603 B
245 B 75ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9999486404371312&output=html&adk=1812271804&adf=3025194257&lmt=1687391569&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687391569010&bpp=3&bdt=424&idt=158&shv=r20230620&mjsv=m202306160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4220742296030&frm=20&pv=2&ga_vid=1138288519.1687391569&ga_sid=1687391569&ga_hid=625014394&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075412%2C31075467%2C44788442&oid=2&pvsid=901328187611937&tmod=1541360663&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=180

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:49 GMT
expires: Wed, 21 Jun 2023 23:52:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 104ms
33ms Image
text/plain 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rl=&if=false&ts=1687391569205&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=28&fbp=fb.1.1687391569203.1501194056&cs_est=true&it=1687391568982&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 23:52:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ 430 KB
173 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:16:17 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 8 KB
8 KB 470ms
287ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 44ead2bf273e09f7d836ec46d6ed6a856ecdd1ee544b0be7eab75e1763088144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1eb2-7MzlySulGGTyUo1kcLUdlOu3/Oo"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7858

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 22:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4647
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Jun 2023 00:35:22 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 68BF 93 KB
27 KB 164ms
125ms Document
text/html 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92d3fe1b9192f0e991eb6ed9421b2faf6722740f6a056df9a326574325d85272

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:49 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: n0CwoiQXNyniN9Gp9kmTk4ImWBWVjgWKT868ftQ3eW+ePySN2wWU9aUPVEIkp5DL7Bam3qP5SxrjvHuesZfu9Q==
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1

85 B
202 B

139ms
138ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: acf2315cf4ec52d9fcf59650288d70f8a1d678d9c961466e844a55cdb3012278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ZoiGIknP0sF6DgndS0mYWRsetV0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 21 Jun 2023 23:52:49 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 328ms
328ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=901328187611937&correlator=372205839438373&eid=31075026%2C31075546%2C31075028&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=4&adks=3261691140&sfv=1-0-40&cust_params=url%3D%252Fmain%252Ftw%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1687391569299&lmt=1687391569&dlt=1687391568586&idt=510&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=20&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1138288519.1687391569&ga_sid=1687391569&ga_hid=625014394&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231601870aa05fe4984692f1da731878e254343bab9247496c0bd03104571442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11823
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0760 15 KB
6 KB 143ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 293177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 31ms
30ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=625014394&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1048124537&gjid=718026544&cid=1138288519.1687391569&tid=UA-102456694-1&_gid=83471657.1687391569&_r=1&_slc=1&z=974746767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 24ms
24ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=625014394&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MjE3LjExNC4yMTguMjc&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1138288519.1687391569&tid=UA-102456694-1&_gid=83471657.1687391569&z=572711242

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 12:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42235
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 115ms
27ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1138288519.1687391569&jid=1048124537&gjid=718026544&_gid=83471657.1687391569&_u=IADAAEAAAAAAACAAI~&z=1720065764

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gHVKg_8u4Ap.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 68BF 22 KB
6 KB 100ms
34ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/gHVKg_8u4Ap.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5405641a82a2f8ea2c21a47bbe17d3a8cd12cb272974f4ef396ea8075363c109

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 07YOi88XTcn+kUQPw7aQEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5713
x-fb-debug: NbgYJbyTGk0jA324+7f+kQFXLxudiv6yTV03K7l3dGiBCGyP6QX8r4f9GPEsNCqW8L5s2zKNcs89zNoy8ARkSA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:00:24 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 68BF 33 KB
7 KB 86ms
20ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: uAzgWGf9gg+qrw3oPOVrGvWV/bZnqTxolI2jzFoyi7Y90qivglodXAfhl6e09j9KYQ/IBLSLnINmtbQH3fsYfA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 08 Jun 2024 15:20:43 GMT

GET
H2 200 Z3z_FHVXFFA.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 68BF 20 KB
5 KB 86ms
20ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/Z3z_FHVXFFA.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78b0a06030378d763f8c3a76d6fc981f1e00b94adee2ba40ad533482644a574f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hKlEf3/4BItETsqSoSXBUQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4580
x-fb-debug: OdIGyGznxUEHF8p/pGuLjBVzi/C4UvxZFbUaEDRPxRiC7zxVZAOIX6o94hln9Q0FdTiMbOuvTGAzEIPg+jzb2Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:00:28 GMT

GET
H2 200 bqgSUx3PwMB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 68BF 321 KB
84 KB 140ms
75ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

923488cde5c00539e3d3a4eb3cdfd2b29310da7996dc3350da079e3245f3b94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 01rZlWwLYJYG2lMGqoGQ2w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85933
x-fb-debug: TWQ+q0/5ppFCHwzAu1t7J4GUs07VWdtx8ixJwQ7XTtxpoEmonxisuCjDGB6tzPoc15trx0s+mbl7sN2p/xFBYg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 22:11:14 GMT

GET
H2 200 qNTnhmBsX4_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 68BF 85 KB
26 KB 100ms
35ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/qNTnhmBsX4_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pRhjWPqrXDrbjQxIFg6X9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26131
x-fb-rlafr: 0
x-fb-debug: SSncufmvYNrJrOqlFux4MMh5zxNkFRZR5inQYWTB70xwsCvrIToXDTYTrb7SGN0klZXDWUCyeYBmOGyqKi62PA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 12 Jun 2024 05:43:54 GMT

GET
H2 200 38tLHa-GDLn.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLNf4/yS/l/de_DE/ Frame 68BF 234 KB
66 KB 99ms
34ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/yS/l/de_DE/38tLHa-GDLn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1b04074e2c31fc977c4c2a463b3839966b5eb6946a7823eebc795278c7e95c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DgWrrf93AjlheP41B9zRlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 67228
x-fb-debug: KF8v5m+JWVtGDqW+upJAgJshCw98DGWdVvYp/IVHli4ygPkEZWnwvgSsPLoppYW31pDd9QuegKGZamZbFqPmeQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 01:17:18 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 68BF 507 B
487 B 100ms
35ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: 9vFzsu7jU3Iy/HZ4ugEWyDrZb4Eze3j9zgtm8VQt0ddkVGfhBIMThgvrNy/nIj/Uihk/TS/IL6xD36UDUHRElg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 08 Jun 2024 15:20:16 GMT

GET
H2 200 RCW6h_5U8Bd.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yO/l/de_DE/ Frame 68BF 104 KB
30 KB 141ms
76ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yO/l/de_DE/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3970d64493daf2ddc2860fbaefdf2a9cd83c7ad22ca8c66b01164649deba787d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3O9siQO90v5jLrNJekIJLw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30675
x-fb-rlafr: 0
x-fb-debug: OQsfL5fFeZr4C7QJyHiM9b+6YsvF/n9Et+czhvCPxksSYnBxrMb7YXmtYTnXWIlqQjqqasiNLlUKUC4Vg+ltlw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:12 GMT

GET
H2 200 A51MPrPHTbq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 68BF 63 KB
17 KB 141ms
76ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/A51MPrPHTbq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67e0b190ce0f7b6811c629b0b3ec28c8a6458101b5a2e51a859493601b2b32a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ivcnLRWHrpH+3t5wsh0CEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17596
x-fb-debug: DvjZwdkvQOlwJFGsez5U+TYRjOlKVfLDqhwCxSHlVdkzXSpVFy8FsCXsAZ5Yb/LpVPuzlFo2c9tU0LGMd3Shug==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 16 Jun 2024 18:04:50 GMT

GET
H2 200 RkOmhQjOlwf.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFDQ4/yb/l/de_DE/ Frame 68BF 342 KB
81 KB 141ms
76ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFDQ4/yb/l/de_DE/RkOmhQjOlwf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76af87dd66f4d56280df8478271dc2a505d1a7fd9c65c7e2215a22a3f656019d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YGSH6yV6yBkMXU2EkiAnHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82819
x-fb-debug: sXxZIzk1SEkG2oGLXZ3ozoJNJFevtXiXdSb+xrs+pgFoEZ+UbDtMzVd7JdzgakVfPOVBYUDOC/SFpK38hgqwnQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 13 Jun 2024 01:37:59 GMT

GET
H2 200 -eta1g6FLOh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUWb4/yX/l/de_DE/ Frame 68BF 390 KB
92 KB 168ms
103ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUWb4/yX/l/de_DE/-eta1g6FLOh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

865f95c6a053b2c70fc3add16e84645e1ba02c45ee62b6382b260c23dc5ac8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4vW+M7+pkv7yMUmDsKvNKw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93662
x-fb-debug: Yed++kA8yolTegLiAEqsLpGWyLDU7m10vc+gQlq8zxKLAUP7v3WIo7o9jGKMdKkPbrou2qiLd1UnEzaRzaGIGA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 21:12:25 GMT

GET
H2 200 kkIRk0lOQLv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 68BF 44 KB
12 KB 140ms
76ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/kkIRk0lOQLv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4be6845a718a4c6afc3b35bed4cdb1b777c713a62ebfa78954fc6bd86b68fadc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YE2Bmn+gukwd4WUrcAnCJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12302
x-fb-debug: 6ucSzU5jtrsIsmGIalyTh+MpmFVwmaY3vBsxOx9jzzTTHRquNoDorpV41fQydwf9tvKNQfQdZIjDiOqbU89k8A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 15:52:33 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 68BF 55 KB
15 KB 140ms
75ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: 6qXXp91I8SB8alLnJVR0g7uFJCbk62YyoG8mGcIndUWcQpra+RwloJeSzaSMW9bHWw3/68HEgysaNnuuwl7d+Q==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 08 Jun 2024 15:20:16 GMT

GET
H2 200 FMMie_OL3wL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 68BF 5 KB
2 KB 140ms
75ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/FMMie_OL3wL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vCUBJYYMHOYvLIAh94niHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1575
x-fb-rlafr: 0
x-fb-debug: mkEcsrXYpitlnBCNbGb2iyPD/kSmUTrx4EXZgfI3MvDQsA4uaNXnKDP4wGB4xG5gWVFoDLp1ah1619LJ4FBpUg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:43:10 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E7F0 51 KB
29 KB 45ms
43ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=xplssmr8teip

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40ab8b122eba50158f9724fae8a2bbdae1a22eeedf7984aa5a3bb1e9c5cf7358

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ULjACnmXjosiENfGWP22cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28773
content-security-policy: script-src 'report-sample' 'nonce-ULjACnmXjosiENfGWP22cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 68BF 16 KB
17 KB 31ms
22ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=uvJgnm_cBDEAX-jBf6v&_nc_ht=scontent-fra3-2.xx&edm=ADwHzz8EAAAA&oh=00_AfAQFunI3YZ4jhpWZ1-jkCU7L4Cj5mCNknNs_LXYo8yWfA&oe=64981505
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-fb-trip-id: 1679558926
x-fbtype: 30808
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 68BF 1 KB
2 KB 77ms
22ms Image
image/jpeg 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=FJkJLroQ_MQAX-UJtmQ&_nc_ht=scontent-fra3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCuSUmEcoFEkqoude6PABzVHscXS3Insd8VGMQEVSCGSg&oe=6498CED5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-haystack-needlechecksum: 760809244
date: Wed, 21 Jun 2023 23:52:49 GMT
x-fbtype: 30808
content-digest: adler32=2540016234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1345
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0760
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YhTO-3xPTXdEOXp5bXBtNnRWaHA3eTMrR2pjS2duSjlWOUFnaU5hSHFQN1NZS09rT0x6UW0zVk1ua3JLajVXUnF6OWdHZDNkMUl2SVRqVTJZTVArQjB3TGU0TjIrS0xFTVYya2krei9MK0NlUHR4MTM3L0U5UEFRYUpPWC...

430 B
670 B

146ms
32ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YhTO-3xPTXdEOXp5bXBtNnRWaHA3eTMrR2pjS2duSjlWOUFnaU5hSHFQN1NZS09rT0x6UW0zVk1ua3JLajVXUnF6OWdHZDNkMUl2SVRqVTJZTVArQjB3TGU0TjIrS0xFTVYya2krei9MK0NlUHR4MTM3L0U5UEFRYUpPWCt5NGt2alE0OGxOc1BPaTVtK0lrU0dBVHRqYllzOVhaYWttaVcrKy9iRG9hSENOZ0xvYjYxSFpOSWt5QmVpNTdzL3k3Y0N2M1NuQmdwTTdJQVNZT2p5SzB1b3d4WlRuN0FVenNZSDVRSEFlYjU2K1puRnZ2VTV1alhYbDNtT3dZSUI4bE1LRGNXVkhrYmJ0MnY4UExOMS9rMm5UelI5dz09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6550a91820257882f785df34d823773b0c9ea18159231508b8d346150f41b081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1563398
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YhTO-3xPTXdEOXp5bXBtNnRWaHA3eTMrR2pjS2duSjlWOUFnaU5hSHFQN1NZS09rT0x6UW0zVk1ua3JLajVXUnF6OWdHZDNkMUl2SVRqVTJZTVArQjB3TGU0TjIrS0xFTVYya2krei9MK0NlUHR4MTM3L0U5UEFRYUpPWCt5NGt2alE0OGxOc1BPaTVtK0lrU0dBVHRqYllzOVhaYWttaVcrKy9iRG9hSENOZ0xvYjYxSFpOSWt5QmVpNTdzL3k3Y0N2M1NuQmdwTTdJQVNZT2p5SzB1b3d4WlRuN0FVenNZSDVRSEFlYjU2K1puRnZ2VTV1alhYbDNtT3dZSUI4bE1LRGNXVkhrYmJ0MnY4UExOMS9rMm5UelI5dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 308810
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A393 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-KWIzHvQinNP50ikEbI28j7vDfYwstdEuzhwYO99ErJRxr2k0JRy4zt8UaNCLjXQZlElc_sAcm27e0IJQptlG5lmypRHDqw2jTuy3X0Y2X1IJg0J_GGaSIo1wRDUf05y5zsRs9V2Ln4UHc4d4YN4tcKMc9xIiNAIp33teFZf04gSmFjTeWwgb061e1mFrD_Tzy-JYHRqL1LKExg_z_cViWs8XTH2SoHGptfa544bNl3a5vVTd-YjBXawsoAp11h6Xh7wDUtd6C4elEs8YKjoebjKWl6sdPrmadmvwiLwk-SdWuN6nmKNImqAd_pBO63r_DgNw3akzwj4tz1uyEKFhDgSpDGQ2U3T11g&sai=AMfl-YS_8kNLHb1Jvtgx9JMcyBigs8L9s4AdU-cEK8Mniii7GvWpZfBTBxFbBi8kuO96WtnZVZsh-if72h0H1B9-zinlvSTSfV7U5Z-RCQ7SjF60Y8CZk3k_HryZFqW6Q7wmUaXai5Eor4Z72gXCxuk&sig=Cg0ArKJSzFi84PpjIypLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame A393 17 KB
17 KB 141ms
30ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Wed, 21 Jun 2023 23:52:32 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 24
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: IP3fnEwfLL3u84nlOe3EP-unZIejssKf7va3Yrv4SEIMEhog2IaLvA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A393 178 KB
56 KB 118ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40FB 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGoxvPhLEvVMzREHCI5EYs3ppGPQCjMhM3Vf9vVN__-B0kq1XBjEnZ59mKne0IjtLdXt34CFoV8bTgEt_1kZYBIEp-rEZ_OTEIVbXxONCkyPtCtZ2ZOoAxhlLb0d9c83BTiLGUOMbNb2oYBNkHB6k094eIOdeUeC1SSpZZwdIphwPjInzHR6IbU5WnfByJOMm1bBg51CaYsDOjW9tTcbmHk66b49RG7zAuMDddl-vjDbkWZWIoca1hKDXi2P2i82Xvg6-OJjJx--cudbKIl93fb5fTznmk7owEu-8oCCs6xsx7VTw07Mq0_07nNesjty_PjJgjJKTsGGofUQtj0G8xECVp3zKR0basbg&sai=AMfl-YThP2UzymDWsuz5vgClXoXFhp_kzTB-IGGdmQzK6ZSj3rkOHq3yN8DaVkDfdZAqGPDrlkcmOp_4-ZIORewxtAFzwCS87Io92iYBzFp78OkDsmOeIiQVu1tBmziX2SN3tAySi6z9TL5MP3aVonY&sig=Cg0ArKJSzKa38rPdGUVVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 40FB 17 KB
17 KB 138ms
37ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Wed, 21 Jun 2023 23:52:32 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 24
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: 8DvJBMKWs7hJzeH6C1PWkNntJ6XeBtxe4mDKgGp65B1G6B9KQ2PnOw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40FB 178 KB
56 KB 140ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E7F0 55 KB
24 KB 82ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=xplssmr8teip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:14:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E7F0 430 KB
173 KB 92ms
31ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:16:17 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1138288519.1687391569&jid=1048124537&_u=IADAAEAAAAAAACAAI~&z=852764925

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 96ms
30ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1138288519.1687391569&jid=1048124537&_u=IADAAEAAAAAAACAAI~&z=852764925

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 887A 0
176 B 93ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 21 Jun 2023 23:52:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39A6 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurdJY4Zs2xZmBBWxtDpyYv8DNpEh1uGu_3n_7g8aTcrDtG4AwCbriADtyhvKd-EWd-Fg-gUldQyjyo5n-nOjaxszDZb-EHnqLq0csy9Drhg4cOZcC5MYnf9GmQuKXHreiVkMqcCADDhFlOItIldqR_SAlTxx2XXPsUbE5EPk7XfDkeMFZa--qvmLU96XYZg1JgOwbo3O2yXVmlYMel-jEqtcw8jP4LzhxndQ6Sxxtnhj-K0swyg2LG6Pjzgym1iv2GdlKEihTWC9Rd1d7VdJt2F_A5QXbSCjs3fgcDTpopAPqHGR21BIrPbWm_a4K8hXIRBPxcHbCYwBOnKQUZjzvccTNfI3H0IQ&sai=AMfl-YS9o7c9FObr-J8BhLrsw56_uxaHwVj18nAWuc8cWUU4oXwFW3YosrdBTsmGVNU7BBnktKzqKP-DfQIEXM7lFjvWxoOvOzN6zm3dCMM0Dubmdnyrw2stfsFaidk3sw&sig=Cg0ArKJSzDRZWDxzhDk0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame 39A6 535 B
899 B 90ms
26ms Script
application/javascript 18.173.154.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-44.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:19:50 GMT
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 412380
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: kiokkvdCgFjQVKr1qRuBiOTo4f0764wU1YbpVTDHNRLMcWvVva0W4A==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39A6 178 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 68BF 573 B
626 B 20ms
19ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/gHVKg_8u4Ap.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/gHVKg_8u4Ap.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: nzgOGLlps8ihbnocf/5J5fjyzYqDTwNe9ytO78LyI3HMhBBHzIXyInb9BfrJWPrf4xWamBLEe+ssUtDUInwRBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Jun 2024 17:53:35 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 68BF 98 KB
23 KB 278ms
275ms XHR
application/x-javascript 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19529.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007719123&__s=%3A%3A8ivklz&__hsi=7247291606306780944&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw6awZwaOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yO/l/de_DE/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

789a3eaf046d5a2a635b25f95815ab35bdd8cca24c8eb8928c622bc7e948d996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: AITRAJDXVDz7nyH_vJXKW4
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 23:52:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: Zza8JZDSHunVImU6x1I5pTC9VvMWjFQWqQiTGLuCoN4rsGO0Kmrxp1fBPDvoTGOdwcTRb45hfo2hE2RTTziCqA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 68BF 907 B
808 B 76ms
76ms XHR
application/x-javascript 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yO/l/de_DE/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbe39df97a2e759d8ce3af4ea4a5f55d3b2cc1833c9a1998e1312dd9f50ad696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: AITRAJDXVDz7nyH_vJXKW4
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 23:52:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: mNPs1V/C7NQ2mmo7KCc4O5f1CieKiGhTHVUiG3Zbv1P3be3fKvx4Z7T/Kj95Z+XfCUS4sIpXx3OPk9XVq3nhJw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 68BF 907 B
645 B 76ms
76ms XHR
application/x-javascript 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yO/l/de_DE/RCW6h_5U8Bd.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aef1df2144123d7e45ca32f656aa3584b6a06259ef3e132881be2e9ee9c71911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: AITRAJDXVDz7nyH_vJXKW4
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 23:52:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: NyRoy0CWkm0G5yNQp1BrRxO4925hJs7bO64n3UAU0AIwzNpCC/r1/sXerODNncjbV3mxfYaZ5vBCSw9+HZIv6g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 68BF 12 KB
12 KB 20ms
19ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: BJ1Yge5QxBY8emVtdK4jyzwnNQj0APel5LUXnLec+anEP81eY4SZxYkqMfWB9w3Ndt1qSxQ2vaAeazryLO9HjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Jun 2024 09:37:08 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 68BF 1 KB
1 KB 22ms
22ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/gHVKg_8u4Ap.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/gHVKg_8u4Ap.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-rlafr: 0
x-fb-debug: QIX6RcCTKus9LICCy2YA4yy9k3s/2g9FTzHARoK3RZv2kdyaZNi6wQvoubKsFN+Vfa/XgTozYdrGjWlMCXH53w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 07 Jun 2024 13:58:01 GMT

GET
DATA 200
OK truncated
/ Frame A393 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3aff857eaabb2aefb0444dee3642e34376dc8349403e1f207b19d28a2240822c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1687378666-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2023/06/ 128 KB
129 KB 238ms
25ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/06/1687378666-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43ee064b51045fde1325550b5fff1d7f23a45aded7e601bc151d22e38d23e3c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9414
alt-svc: h3=":443"; ma=86400
content-length: 131087
last-modified: Wed, 21 Jun 2023 20:17:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWINp8g1zbAotMs4XUnSjqQjDxKseGNP2qgeS71kTPMgKUh9UXDgiHuKHdM1i53l%2FmWCJDPTgBDS7eD4aJ8KtN1d9PpG%2FIFw1%2BwI6G2gfdHlZKe5jbR81ia5V2%2BzyEwxSvdNzoBR65fqMFFbZFEQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7db02ae07974bbc2-FRA
expires: Wed, 28 Jun 2023 20:23:56 GMT

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 1137ms
266ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 Joint_Logo_Ace_Green_Recycling_Hakurnas_Lead_Works.jpg
mma.prnasia.com/media2/2107365/ 19 KB
19 KB 90ms
33ms Image
image/jpeg 2606:4700::6810:fd04
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2107365/Joint_Logo_Ace_Green_Recycling_Hakurnas_Lead_Works.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:fd04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c1e9ca56cc6036265b475e203e47598e2ab91cdee075686ebeb30df76e57ede8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
cf-cache-status: HIT
age: 35947
x-powered-by: ASP.NET
server-timing: intid;desc=b710b8d063bbe21b
content-length: 19331
cf-bgj: h2pri
last-modified: Wed, 21 Jun 2023 13:53:42 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1
accept-ranges: bytes
cf-ray: 7db02adf882a03d8-FRA
access-control-allow-headers: Content-Type
expires: Wed, 21 Jun 2023 13:53:43 GMT

GET
H2 200 2021-%E5%88%86%E6%9C%9F%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2021/03/ 80 KB
81 KB 538ms
307ms Image
image/webp 192.0.78.25
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2021/03/2021-%E5%88%86%E6%9C%9F%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5153f72ad515627ca9811772d1a5965424ae3a3679269fad7de2f368be079ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 2.hhn _atomic_ams BYPASS
content-length: 82358
x-nc: HIT bur 2
last-modified: Thu, 03 Feb 2022 16:45:22 GMT
server: nginx
etag: "e7e4a8c332d33491"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 04 Feb 2024 04:45:22 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 225ms
166ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Wed, 28 Jun 2023 23:52:49 GMT

GET
H2 200 ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 31 KB
31 KB 120ms
23ms Image
image/webp 34.160.81.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.160.81.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.81.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Wed, 21 Jun 2023 23:52:49 GMT
expires: Thu, 20 Jun 2024 05:48:45 GMT
last-modified: Thu, 30 Mar 2023 16:44:53 GMT
server: nginx
etag: "6425bc85-7a08"
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31240
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 331 KB
332 KB 112ms
26ms Image
image/png 2600:9000:2057:a200:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-seen-by: image-manipulator-6b469b496d-2dx8m
date: Sun, 11 Jun 2023 07:40:07 GMT
via: 1.1 google, 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: FRA6-C1
age: 922362
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iWPQf7HU4-1dq71MiZuxPnkOkx-DtRY3Yq_uRRz03M6_XMj-E0JY5g==
content-length: 338711
wix-tracer: 2R3C7CelfiubhwiVOza7q33vt3e

GET
H2 200 1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 487 KB
488 KB 70ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Jan 2023 09:08:26 GMT
server: nginx
etag: "42053212710e4c28"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length: 498450
expires: Wed, 08 Jan 2025 21:08:26 GMT

GET
DATA 200
OK truncated
/ Frame 40FB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0eac93294381182482db743bcffb4fce826ca7972379ec10ad39870251ab26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E7F0 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 83952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 00:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7F0 15 KB
16 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 428271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7F0 15 KB
15 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 98952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 20:23:37 GMT

GET
H2 200 Es47YDVPeXV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 68BF 336 KB
73 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/Es47YDVPeXV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U0JoHf1vLn5iLsipWkTuGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74335
x-fb-rlafr: 0
x-fb-debug: qtb7U+5JijyrTebgkvE78+gSDgG5llae0W0CFRaTDkJM1pjVaLja9RxlwyDb+FjhDCQigVM7buAOjoue+nkadg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 08 Jun 2024 15:20:16 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 287D 8 KB
8 KB 27ms
27ms Document
text/html 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 7890
content-type: text/html
date: Wed, 21 Jun 2023 23:52:11 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
x-amz-cf-id: HEBskbVlmpx-ramcHIsdEnKTqy3ZL84OGDoNE65HZfVT2EafWUsEMg==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame A393 662 B
1 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Wed, 21 Jun 2023 23:52:33 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 30
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: cc2NV1DS9_m6HBVY4FymS4foDMTywe-G6Auj7AahLLiWEh8zhRvEIQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 09E8 15 KB
16 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date: Wed, 21 Jun 2023 23:52:02 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 50
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: pPkMz9AVzH1A9v0yE_K6f6yGf0NWnBUjQiZTcw8HlNb5H7Tlir5TMg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame B71D 8 KB
8 KB 28ms
27ms Document
text/html 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 7890
content-type: text/html
date: Wed, 21 Jun 2023 23:52:11 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
x-amz-cf-id: sLw0pnB96vEk7B0BAzzW5xCqdZnuTCO0B19SOrxsrLUabTue95iijw==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 40FB 662 B
1 KB 27ms
25ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Wed, 21 Jun 2023 23:52:33 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 30
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: urCJiSsvoGa3cKZoKZN7VqQJ6gWZYV3DgoMjErfZSCa0k2SMFd7ZTA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 1DF2 15 KB
16 KB 31ms
26ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date: Wed, 21 Jun 2023 23:52:02 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 50
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: _bJIUGT0ybDNcksk9vSAmMoaSWUfVMr23yhuKZo87A_1joA1hrMEKw==

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 68BF 198 B
255 B 24ms
22ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: wEnUcA4yctjQd/lr79J0QUejv6PKYX6y2TdmrQ5XBVG6UhoF+IOVkdyAKFwkaT7Xm02hV9BRxIV/qxspiHf1FA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 08 Jun 2024 15:37:04 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 111ms
27ms Script
binary/octet-stream 18.173.154.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-80.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 22 May 2023 02:08:23 GMT
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 2670266
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: qmbez6CVWWLjKqI2vKI4nLYxktOzixHMakXDYVe31nf2_CuA3AIwSA==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E7F0 102 B
133 B 31ms
30ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9&co=aHR0cHM6Ly9yZXVybC5jYzo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=xplssmr8teip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
DATA 200
OK truncated
/ Frame 39A6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1abb52bab5d55d71ea92df09578bc06ce4789822451547ee00aec5dda155af0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 39A6 0
0 103ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss94fH_u3dJX7epHOcndHTnRk1ALCFUW-WTpAgTLSdzCq9GW8SW8naRaiF3-CnwRN8JKYEYArM8_KTXG3nMlNJ5_mN2PB1l1GyAjbXpX-bKDPwOJxvJwhp1oYV9KVnNBHOkDMa0jJ6cNbCc43LAccjUIgMhJdCWVNwU8OJunyA0YcYXICMeSiWof_mxK6JjytTcDltP6UEcCSSDG0lJwd9keFrYijbzcrPJ_w5bvZyHK3j0mexvZ1Egc5BZQGJiZKlvcnpmzyzj_lNRUmf5hO-jVFXe_b9lvy7Iupx_YWq1p8KUOiL2S0zfD8zEjhmM9xPbf21JugNl-um4rKOzz6D-PC4uoSwQP8cA&sai=AMfl-YR2EVWFYKeUY8osLNvOIkUMjEDWxJ2P_ndsI6c2Ika7-fTNg5MOyI7GNNT3JXlnpyqoIR65M_7KEtbLdalAjB9qyp_TOxNLHa_AGuQW-A3QNkYpBKJEtgBWHIkPyw&sig=Cg0ArKJSzDBm_Tlv-miuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:49 GMT

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame D638 0
217 B 948ms
266ms Document
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:50 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 0CAA 39 B
97 B 3797ms
3119ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:53 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 287D 5 KB
3 KB 251ms
251ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:50 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 287D
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
510 B

135ms
134ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 21 Jun 2023 23:52:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 287D 0
218 B 946ms
264ms Image
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame B71D
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
510 B

142ms
141ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Wed, 21 Jun 2023 23:52:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame B71D 0
217 B 938ms
266ms Image
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 4D24 0
217 B 935ms
267ms Document
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:50 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame F350 39 B
191 B 785ms
122ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:50 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
401 B 254ms
254ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

63fc0c8b82e815845086a17bd7c36267a65a7d4ec5bed7fd9a564971242dae6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 09E8 634 B
639 B 691ms
72ms Script
text/html 2600:9000:20c3:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13858
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:44:48 GMT
content-encoding: gzip
via: 1.1 7497b6df995aa2d58f27a725f51d6240.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: MUC50-C1
age: 482
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: DShsUlbeaRS_v0QUwJZ6E-DkCPMGW_Z_ebda6Zo4V4Z_3pDm_hN9sw==

GET
H3 200 OddrI9NOuB_.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 68BF 10 KB
3 KB 27ms
26ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/OddrI9NOuB_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8af274c171647062d29744e679763f07957583da4aa6f9690aaee4c0132480ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zMdf1N1zjFRkgtELDiTmRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2569
x-fb-rlafr: 0
x-fb-debug: EyF26vdE8efogPwCfFlj+929gNTG+yBFtq38Xvz/UXQ21NgOa428z6lpDgK5Ww2dAGSDfSLiIGpLSE9tBU4mKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 08 Jun 2024 15:20:28 GMT

GET
DATA 200
OK truncated
/ Frame 68BF 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 vFrQxWP6ZYA.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 68BF 18 KB
4 KB 27ms
27ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/vFrQxWP6ZYA.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84c0b447cee69b0835b94a1aa4c8fed05a2005721d401bc02aa3d70316f59e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fRbsMFgeMrn4qmarpukfBA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4424
x-fb-rlafr: 0
x-fb-debug: 6LUS7EQqQ+w0Dv9LEIY13hq/SUJv2mdwDpPwPi9Pzx7kaZ1RaBtQwPBP7UeT9eXyTBNYXkARfXaWmLqFByhGSg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 08 Jun 2024 15:20:43 GMT

GET
H3 200 Qlj2f8M1fRU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 68BF 64 KB
17 KB 28ms
28ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Qlj2f8M1fRU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: l03F0wvFW6lQhOoFpr15Ew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16971
x-fb-rlafr: 0
x-fb-debug: gHo7gWGO41B0PkB/EJCTo8Jm3/QSSPkr/CQGMqe2HHZtwZ7GhbHNSgOpAtNDqM3S7XEOzttObcVqmv26u/XQNw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sun, 09 Jun 2024 17:46:06 GMT

GET
H3 200 3P2oB1R2XCB.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUY_4/yh/l/de_DE/ Frame 68BF 25 KB
7 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUY_4/yh/l/de_DE/3P2oB1R2XCB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ef4b2f0ef3cbfe357017be8e759786eadc92ab0f2d51fd2642b8c5bd135902

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4DWZeZmQqkIfNUyteEVnFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
x-fb-debug: d5D0kPj1n+1TGKrC96F9kTocpauakjBqP1LB5qb+d53e7kIB6rn3Q9i9TDLFNMVU3FffHzz2z8aKAB/k8v4rlQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Wed, 12 Jun 2024 19:08:06 GMT

GET
H3 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 68BF 25 KB
10 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
x-fb-rlafr: 0
x-fb-debug: j/nOA1B+AMnuZozYBcoDaRxMernbFKNw2FEP5zheUa/KUd3Mk4vRHEcxa8f22722scvKE4WloDb9WR+yTEcbsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 08 Jun 2024 15:20:19 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 1DF2 634 B
642 B 631ms
51ms Script
text/html 2600:9000:20c3:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13860
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:44:48 GMT
content-encoding: gzip
via: 1.1 7497b6df995aa2d58f27a725f51d6240.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: MUC50-C1
age: 482
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 4XlMS7C8MZJVguOFcXtjE9e8XFTgDAZy-RFBFP8E9l4CwgjRdQ7YdA==

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 255ms
254ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=c01bcb74-500b-4f26-8402-f1714ae83cd7

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 255ms
254ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=c01bcb74-500b-4f26-8402-f1714ae83cd7

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/ 0
79 B 495ms
251ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/pixel?bd=c01bcb74-500b-4f26-8402-f1714ae83cd7&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 438ms
370ms XHR
application/json 99.84.88.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=1502.3510597548473&pid=5434&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-17.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 1b66c2d27056ad044abb3b3443ed46f21ef0b6187628b777ba815850c55e2e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
content-encoding: gzip
via: 1.1 24615eefe0727e5d65935ccaddca2f78.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: ZWiQk7YGjYID3Cu1IDSn8esyHGFvfw1gmq7tyL5tTeuwjtfZ7saHaQ==

GET /
www.facebook.com/login/ Frame 68BF 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 68BF 0
0 108ms
108ms Document
text/html 2a03:2880:f13d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/bqgSUx3PwMB.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f13d:83:face:b00c:0:25de Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Jun 2023 23:52:50 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ER37u5S3mkQv+V3dq2+idWDFlH8YXuaNZA42x8MkNxASpUOAGn0G79xJCuy8ooBJ4wRCozTjqzDlD2Ye8Fz/zg==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A22F 7 KB
1 KB 43ms
42ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58eaf262bb1c0ad4234023a690594b66273f65ba2857341ab5a8547e5b3d191a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-29qHiDPxFwxwlidp059DTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-29qHiDPxFwxwlidp059DTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 287D 36 B
407 B 253ms
253ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e0540a96a3275114a67a6ba6685a53883abebf126522b434e024ce00e816e6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:50 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A22F 55 KB
24 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:14:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame A22F 430 KB
173 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 20:16:17 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 1DF2 2 KB
1 KB 1006ms
413ms Script
text/html 52.193.181.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc&n=85&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.181.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-181-52.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dddfaae923516f156c8e87142ff90ec7a842c1731f144a48cd06157781e51938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 09E8 2 KB
1 KB 994ms
402ms Script
text/html 52.193.181.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc&n=145&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.181.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-181-52.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7ba3b9e9481b6e7e98d3d13ef40fa3d6daacdbbfebfe2b10ff549afe4a2f110f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 39A6 42 B
174 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL_0NBb0pJQOyOEf8CKkmoOx5_8mut6GRj0HM2koY2vuJEdxqLiCKAnbCbw_ZVArn_wBF8TS6UpcaRc-mFJ7iLXjV-sy1vhbN3heyAu6n_uiw_nMGt&sig=Cg0ArKJSzEpY4l0-SUcvEAE&id=lidar2&mcvt=1001&p=1181,1599,1182,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230620&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687391569654&rpt=258&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame A22F 40 KB
24 KB 75ms
75ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89e1934c1df1459e564ab6bbdfed91853d10bfb64f93a6266bfa8a007806e9a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25007
x-xss-protection: 1; mode=block
expires: Wed, 21 Jun 2023 23:52:51 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame A22F 600 B
624 B 20ms
20ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 507089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Jun 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame A22F 530 B
554 B 25ms
23ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 364872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 18:31:39 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame A22F 665 B
689 B 26ms
24ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 368539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 17:30:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A22F 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 428273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A22F 15 KB
15 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:03:22 GMT
x-content-type-options: nosniff
age: 359369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 20:03:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A22F 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 98954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 20:23:37 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame A22F 27 KB
27 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AL8dmw_ko4-iH4WVOvqwQa1K9mEfatOuGDvKk5VQBkLypSPYmTtK6DVPEFidXPXrAUWszI_qYEvbT8UH4NAETTFqnFAUaAxpgAgwx61DyZknBQViXEHJpg1vUoRw8ofDMn_x6dlBPf_OhHG5VZ9DQTsZYR-FAvyASOa4iyJI_0DE0xhE2_FJQgg43rY1JaSe-qPQeKZ4yx_pQZBlQA0wMQWPIgv-j33WvA&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b73cde4ad87b027277f12f5cbfe5fdcaf47a670c65c52d3fcda057897a8ac74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=IqA9DpBOUJevxkykws9RiIBs&k=6Ldi8TIUAAAAAJun3UxUGrHA2YVhQjVZ7URvPSc9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27625
x-xss-protection: 1; mode=block
expires: Wed, 21 Jun 2023 23:52:51 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1DF2 5 KB
3 KB 251ms
250ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:51 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 09E8 5 KB
3 KB 251ms
250ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:51 GMT

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.802/ 466 KB
138 KB 102ms
33ms Script
application/javascript 108.138.36.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-34.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:39:02 GMT
content-encoding: gzip
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 11002430
etag: W/"bc1129a1d65d16ce761ff5637cdc8f53"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7qL68yMH2eNqilyDNaJu1i1_2jP7BFOxscAqTapivKUTin-GB0JZyw==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
717 B 539ms
136ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=DE&l4=desktop&l5=5.802&cb=0.34007409589985005
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 23:52:51 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1DF2 36 B
400 B 253ms
253ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e0540a96a3275114a67a6ba6685a53883abebf126522b434e024ce00e816e6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 09E8 0
187 B 259ms
258ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&mp=c01bcb74-500b-4f26-8402-f1714ae83cd7

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/ Frame 09E8 0
79 B 250ms
250ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/pixel?bd=c01bcb74-500b-4f26-8402-f1714ae83cd7&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 09E8 9 KB
9 KB 28ms
27ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13858&rf=https%3A%2F%2Freurl.cc&n=145&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: BdlLWqRSJhtoqWyWgdowgeFYPkUrdf8r
date: Wed, 21 Jun 2023 23:52:35 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 16:43:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 26
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: CTttxRHmhiYn-zsBqmWEdeCRGLtw6KQ6lJYWwQHLM0foAuiT4C-tEg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 1DF2 9 KB
9 KB 27ms
26ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13860&rf=https%3A%2F%2Freurl.cc&n=85&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: BdlLWqRSJhtoqWyWgdowgeFYPkUrdf8r
date: Wed, 21 Jun 2023 23:52:35 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 16:43:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 26
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: SwRApguILg1vKITSOqQWKdJzUh0-2mmIoFgwixcWi0-rK_HepyiuSA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40FB 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwyFaqqQI0Gb3b8uEcCfGBFcZEbejzD0h0i7ZNX-qzThHE4QNVG7VxRldbanSWmtOh-VcCKhFdn-zJgosxaf_9IluESDoWn6OZgaBpOYk8DzUkAGwfIjVD9I5_hrHbwMtqBRpmnB-B6lLYGGlBofQmwBjU5yc6nqBOgREa8dJsy8nHLlEa1rZkGQlMyA86F415qOUgdrpfkT7Ho-sOtLvDUSwZUK3dshDNkeNGqGbFQL3mOtVDq-TBze_J000irTGf9lcLJqyrEC3hSacFxA0ac6cvxBGBrzdaGJtqQ9-dX04jMAGjyya4Kdl2QycTdz3v9bQ0mAECvAaRdojq_bg8raGn6pIlT5fQNpWW&sai=AMfl-YQij6aLFFdZ_JTy7_Cwk0B46n6qX8vTXJy-mTRYmc7EJjBD8IxCU0hMU5ndPJRU4W61f_VNvPX9qNQ2J2Okg48vCdNopfYq66jsiiZWcmAnPsmaEilqjt2SgV5UhHa4JRF5Ui_yNOfgED0Y9dI&sig=Cg0ArKJSzLSlNxMs9RcJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:51 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 8EA0 17 KB
17 KB 28ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Wed, 21 Jun 2023 23:52:32 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 27
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: CjGu5WCCVWaEUOU9pSGbs8G6xaUucGFHdwKpGCpEav-2K_Kw1uvgyA==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 212A 17 KB
17 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: zD9.Cbfx8TYSkl7RuTjaI7R4kG4gYwIG
date: Wed, 21 Jun 2023 23:52:32 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 09:57:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 27
x-amz-server-side-encryption: AES256
etag: "43a50f8c40c3cffa2f15e77ea30165c9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17223
x-amz-cf-id: OlIKvElW-VTrCWuJELy2sxxNxz--NwPnmD-9O2DG7HRZNK9QgMxyTw==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame E5E9 8 KB
8 KB 27ms
26ms Document
text/html 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42
content-length: 7890
content-type: text/html
date: Wed, 21 Jun 2023 23:52:11 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
x-amz-cf-id: Z6sR471OFIP3-BW6bWOtoJGwF043WjGBsDHMsxuCwwWo0Xr-ewcrBA==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 8EA0 662 B
1 KB 26ms
25ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Wed, 21 Jun 2023 23:52:33 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: CPtV-9lSycuqrpktRT_POkyr9PMIhs-QLdI_I3hmHkp_XpYjq6NhbQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame B152 15 KB
16 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date: Wed, 21 Jun 2023 23:52:02 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 53
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: 45xXXGbEWUa7LSrV6-XMrWYAMaFpkBYYVh1b17oaHY6vYaJLzwRumA==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame F72D 8 KB
8 KB 27ms
27ms Document
text/html 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42
content-length: 7890
content-type: text/html
date: Wed, 21 Jun 2023 23:52:11 GMT
etag: "e090f4ac111bd0e0dd865bdbb97fa28f"
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
x-amz-cf-id: cELPxq2uOEFYDB7AMHHhvcDp1DIib1eHIscAVA6VGnzvVMiWQj7SgA==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: S2DFp1kCOKWY1.ffDCmGy6vawdQiJHiT
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 212A 662 B
1 KB 25ms
25ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kxGTttkSnY54PF5gFAWoFPEzbSOmH_Sj
date: Wed, 21 Jun 2023 23:52:33 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 33
x-amz-server-side-encryption: AES256
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 2MrQzhVTka1QpgwsADMFHx7NTTjLWaJjjj2Hjz0KWvUHaUjz40pX0g==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame E74D 15 KB
16 KB 28ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: enDyvkee2bFtwe5gJbVvig7G0KnS4pcd
date: Wed, 21 Jun 2023 23:52:02 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 53
x-amz-server-side-encryption: AES256
etag: "fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 15489
x-amz-cf-id: yzt1SUwUxUGtHK8CisNlzdyH5jAbdy-YtXXA9AhpKRD7a9-WdGPiSQ==

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 21FE 0
217 B 265ms
265ms Document
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:52 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 73A5 95 B
242 B 125ms
123ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:52 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame E5E9 0
217 B 265ms
263ms Image
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame E5E9 0
15 B 1196ms
1195ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame E5E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1

0
479 B

1065ms
988ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
x-guploader-uploadid: ADPycdsjep0ne7TE1rahsTLC2AUWHS_ZFy-srYAbAjTq8twC5AQloMxxRrXEh5zTH2EXoXQfKuev9zpYp_8AgVLJWgBlMfywV1nK
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Thu, 22 Jun 2023 00:52:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame B152 1 KB
786 B 56ms
56ms Script
text/html 2600:9000:20c3:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13859
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe85409eda36a5f315752defa8018e664272fb359b1aa6461aeaf5627ddbef02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:44:50 GMT
content-encoding: gzip
via: 1.1 7497b6df995aa2d58f27a725f51d6240.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: MUC50-C1
age: 482
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: qQs6s7eQ4UE4ASjeq2C0F4EON380xVAWlf407vLYpj5n6Dx-3sHxyw==

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame F72D 0
217 B 266ms
266ms Image
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 cm
c.holmesmind.com/ Frame F72D 0
15 B 465ms
465ms Image
text/html 35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 0A59 0
217 B 266ms
266ms Document
text/html 18.176.174.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.174.178 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-174-178.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:52 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 1B0A 95 B
223 B 120ms
120ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 23:52:52 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2

200

google
m.holmesmind.com/ml/ Frame F72D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1

0
143 B

1065ms
991ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
x-guploader-uploadid: ADPycduI9oNY8K_pDAVgaHF2IJFkVy7c70mzR1cw0OfQznT2wj60Ouo0T3V6z4yCz4BUY1EvuPcSPFZdBFXjSCo7bj06pSD7Ps-w
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Thu, 22 Jun 2023 00:52:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle&uu_m=undefined&google_gid=CAESEDzIe7n0WyPVhmMJnq1g-oY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame E74D 1 KB
793 B 106ms
106ms Script
text/html 2600:9000:20c3:ae00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13861
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:ae00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a4253ee8fdd7f84329fc4b4e0c28d0fbc12d0019d2c784637ec1d108e9ef3555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:44:49 GMT
content-encoding: gzip
via: 1.1 7497b6df995aa2d58f27a725f51d6240.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: MUC50-C1
age: 482
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: ao7I1ikXhva2vyYOnJk4aqfr_0IaDUrBOKbOGOhB6Xq9jnEsaDtGhA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame B152 2 KB
1 KB 1133ms
1132ms Script
text/html 52.193.181.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc&n=656&o=1&fc=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.181.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-181-52.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a9da55d86383d540a6c01ec138c5e2d9ba556dc9377180db7353b6310ec14c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame B152 3 KB
3 KB 74ms
73ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 1d7i8aDt24bAAhdQGVHcl4aJbGsdC8qT
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 24
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: ZThutvcrKQ2DizH2fzZnozENsChG9MKl-3AQ4nv_NR7EHi4WgX4QNQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame B152 126 KB
41 KB 52ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 23:52:52 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame B152 2 KB
3 KB 52ms
51ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: FwcpNN5Byau4bRXGziLJsTJILumrMvSN
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 4
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: NSMkTDGvxAmw-YXeecokWi7MSnc7V8JfLv6F40MJpW8laAdRnxD8dA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame B152 4 KB
5 KB 28ms
27ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: xNhtWKelLdHMMOOg3IJVR4ueQDc1zNB2
date: Wed, 21 Jun 2023 23:52:10 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jun 2023 01:23:04 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 47
x-amz-server-side-encryption: AES256
etag: "990b529c50a92c18cd5337f5f2a1d611"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4532
x-amz-cf-id: jOH6uaZ9q-jc4JwTh7uyw3_ujGkZoF1iY6ADQ9kkKeEjtNR7-jVC_g==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame B152 3 KB
3 KB 52ms
52ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: UIL_JxmG0rSPMgDUx2zZ5zqCXxpp08Ga
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 27
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: Ybj3vMx3ZhJ69P2LIQguQl4Bx_gB5cAgd7hwVc90MNRMSixTfq7ZZg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame B152 6 KB
7 KB 53ms
52ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 9yDAe8hc8angtezA583McC9CmPtDZOQm
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 19
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: 9COGxzclq9T_ftnFzRZHkMYeZW8yRvgxzCJw8fjicHb8mtxIyBgp1A==

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame B152 2 KB
2 KB 793ms
258ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.18511524652863498
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Houzhuangzi, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 09299aaf77b8af3c9c495c7efcd6ccc7856441627fae28ebad578643c2502cab

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Wed, 21 Jun 2023 23:52:53 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame B152
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=D9KENXFuD2iVjQDTVY2TZA

2 B
169 B

290ms
289ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=D9KENXFuD2iVjQDTVY2TZA
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 21 Jun 2023 23:52:53 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=D9KENXFuD2iVjQDTVY2TZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame B152
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=1LL3wZBMCyWWwOSQVY2TZA

2 B
140 B

550ms
549ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=1LL3wZBMCyWWwOSQVY2TZA
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 21 Jun 2023 23:52:53 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=1LL3wZBMCyWWwOSQVY2TZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame E74D 2 KB
1 KB 521ms
520ms Script
text/html 52.193.181.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc&n=579&o=1&fc=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.181.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-181-52.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 48fc6dfed13d9de13eff64788aea6e1a33febd8a74bdf01fdc4738dd19caaddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame E74D 3 KB
3 KB 27ms
25ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 1d7i8aDt24bAAhdQGVHcl4aJbGsdC8qT
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:19 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 24
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: Pf_KkK4GNaIrEEdtz_1H-Lfx9V6c2dtRav1S65NVDY59JF0bXcOiqw==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame E74D 126 KB
41 KB 49ms
47ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-1f8af"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 23:52:52 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame E74D 2 KB
3 KB 27ms
26ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: FwcpNN5Byau4bRXGziLJsTJILumrMvSN
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:44:41 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 4
x-amz-server-side-encryption: AES256
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: tRmjIbkyY8JQFoN-oiPI7z_7i56zEAfzZnMPbidxeLu_G69K5Rbfsg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame E74D 4 KB
5 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: xNhtWKelLdHMMOOg3IJVR4ueQDc1zNB2
date: Wed, 21 Jun 2023 23:52:10 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jun 2023 01:23:04 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 47
x-amz-server-side-encryption: AES256
etag: "990b529c50a92c18cd5337f5f2a1d611"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4532
x-amz-cf-id: Y6iSsLuUKa6L9JfWz3ilEBiqIcxQEURUr767ibUsydbWZ_jtGf5nPA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame E74D 3 KB
3 KB 29ms
28ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: UIL_JxmG0rSPMgDUx2zZ5zqCXxpp08Ga
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 27
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: pYDo7TMdv5uXefTptMnnlT1DrNbgKrtiWM21KOT48o1GNhVmn5N0SA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame E74D 6 KB
7 KB 30ms
29ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 9yDAe8hc8angtezA583McC9CmPtDZOQm
date: Wed, 21 Jun 2023 23:52:52 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 19
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: Rs8GRk00kVK-kx3C5bWA9CuLjAhXv1VpmO2S5l6PD8r-T-15zU92KA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame B152 0
171 B 619ms
198ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B152 0
186 B 190ms
50ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=137&profileId=184&bundle=n_eAvl9BUE4zdEdGclo1MTk5RHg0ZWNuRkJBdUxzWHlQM0dxVkwxRFVZTE1OSWdYYm9Ec2tqZ2dOdXdmWWg5Z1MlMkJpb29MSm16Smx2M01FWjFNTmw2c1BOJTJGRyUyRkdEOWphNWJpOW1lVWdPJTJGZXQ4RkFFcVBzb0IyTXBGUmdiZm94TU9BZyUyQmd3ZmlvRm5kc292bFpBZSUyQm55Z1l2dXclM0QlM0Q&cb=49757165748

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame E74D 0
170 B 600ms
198ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame E74D 2 KB
2 KB 777ms
256ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9814169535610564
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Houzhuangzi, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e965a89fef019e8f3e71c90d8707eddf24c2038e7d9d55982eaba1f8053f4cab

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Wed, 21 Jun 2023 23:52:52 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E74D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=FkpGNgfKABWoY7fHVY2TZA

2 B
140 B

391ms
390ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=FkpGNgfKABWoY7fHVY2TZA
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 21 Jun 2023 23:52:53 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=FkpGNgfKABWoY7fHVY2TZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame E74D
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=MD2NX4uJDUC-jGokVY2TZA

2 B
140 B

290ms
290ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=MD2NX4uJDUC-jGokVY2TZA
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Wed, 21 Jun 2023 23:52:53 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=MD2NX4uJDUC-jGokVY2TZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E74D 0
187 B 148ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame B152 5 KB
3 KB 250ms
250ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:52 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E74D 5 KB
3 KB 251ms
250ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Thu, 22 Jun 2023 00:02:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40FB 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLqB771lblnL_CRn7lAdFfCAaxdW2yd2OUnqHGZ6zriIyUvZEkRL3DbMBZqCuMLuG59TEgidiMrXq9nAuzPTgKoAKHHyI5lHuk8tPygARDly5tyYkM&sig=Cg0ArKJSzB2eytarfz5VEAE&id=lidar2&mcvt=1000&p=973,935,1223,1235&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230620&bin=7&avms=nio&bs=1600,1200&mc=0.91&vu=1&app=0&itpl=19&adk=3475397127&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687391569509&rpt=2417&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame E74D 0
78 B 33ms
33ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame E74D 43 B
365 B 34ms
33ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 15 Jun 2024 23:52:52 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame E74D 43 B
365 B 34ms
34ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 15 Jun 2024 23:52:52 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame B152 43 B
365 B 34ms
33ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 15 Jun 2024 23:52:52 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame B152 43 B
365 B 34ms
34ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 15 Jun 2024 23:52:52 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame B152 0
78 B 35ms
34ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame E74D 9 KB
9 KB 27ms
26ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13861&rf=https%3A%2F%2Freurl.cc&n=579&o=1&fc=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: BdlLWqRSJhtoqWyWgdowgeFYPkUrdf8r
date: Wed, 21 Jun 2023 23:52:35 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 16:43:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 28
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: Il49zGfbxc5yojTmg8SKj04VIuS5EJ8UkWXsn4QylmOQWXTJBvO4Mw==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame E74D 0
187 B 254ms
253ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&mp=c01bcb74-500b-4f26-8402-f1714ae83cd7

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/ Frame E74D 0
79 B 251ms
250ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net/pixel?bd=c01bcb74-500b-4f26-8402-f1714ae83cd7&t=50ef57&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame B152 9 KB
9 KB 27ms
26ms Script
application/javascript 2600:9000:225b:c600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13859&rf=https%3A%2F%2Freurl.cc&n=656&o=1&fc=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&d=1&b=2&ts=1&ii=2&FPCK=564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf&fp_uuid=0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4&initver=230331P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: BdlLWqRSJhtoqWyWgdowgeFYPkUrdf8r
date: Wed, 21 Jun 2023 23:52:35 GMT
via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 16:43:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 28
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: Eehp3xl-y7BAQ0Rmpo-fvZE8kvVmBC7g3WYhtPZL8TFzb0twD4uWjg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A393 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH9dlgTj0OJO3m4NJpOH8esZSmWQ_4BOR7oP0it_ZHxTT0H1pEV7-xcNG8-T3p9KGAebwHhGUKpSftzQc8VEUQi2oaH5B5ehkQHa613CrCH7L0aGPl15pO4_IzXNi07GJVPXWMExA657xq_UNsrTmVezG1jUMS-aV-WThjQlx9CPROXBueEpdkU9iAVD3eRPasAp7XB0hnJfs9SwTdLuqVWmoLLKXzeUpGHFKuzhdFJsaj39XbOCAx83uyVZIgNu1sllbr2W2ns0NTNxtFie2XnoXsQ2Ne_VdQkKkbFEtVXXtlrn63fgXgmOlZnl7uRsPohYxk8nReV-4jXxRD5X7pvBh4ilVRPou4GnHV&sai=AMfl-YTo_Ys9QJoD8c9ruxvD_jGu_r5VSJT_J9qWhXJuOic18X6W_zUwxqIibwFrM9P_0qU8nfD_t5N7-vfNf0zxItlaYzAudM4TeD13wJ5RoMPb_KAFlIknNYxojbCusZWq9ebEOzDreZCWbidS9Io&sig=Cg0ArKJSzJYAKi-F4DJREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 34ms
34ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddbab8dc75b6edbc11d871a5d5f215a73efb0a098410a1bd9153a5af037ab65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11243
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BA5E 15 KB
6 KB 39ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 878828
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E8C6 15 KB
6 KB 42ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 935358
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:52:53 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame BA5E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=n_eAvl9BUE4zdEdGclo1MTk5RHg0ZWNuRkJBdUxzWHlQM0dxVkwxRFVZTE1OSWdYYm9Ec2tqZ2dOdXdmWW...
https://mug.criteo.com/sid?cpp=wdHCUHxHSzJKSTVkdnk5YkFqWjh5T1R0b1UzMXVMblFWb3VLVThjNndHbnZueCtvTlBoT3VDc24rZ09YbHlzL2xmM3MxOTVZd0VaeGhhZTdnb1ppc0MzRHBhZGxZZWxNUUp1NHBqTnUwSEszdmxmbXRCK3ViaFNxdzRGQV...

439 B
654 B

28ms
27ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wdHCUHxHSzJKSTVkdnk5YkFqWjh5T1R0b1UzMXVMblFWb3VLVThjNndHbnZueCtvTlBoT3VDc24rZ09YbHlzL2xmM3MxOTVZd0VaeGhhZTdnb1ppc0MzRHBhZGxZZWxNUUp1NHBqTnUwSEszdmxmbXRCK3ViaFNxdzRGQVVtRTdQZUx0NzFyZ0Ewaks0azJBMUVvanNvUlNDSGE2V1VKZXNkUHk3R3BNUjNYWEtBZjhiQ1FPSDhJaVREeGN1TEM4OFZtNXVBNW0wSldGQm9wb3AzcTBYcCthcWlBUU5YYmFpSi96U3VSZEkybzIyMkVMMUxPYk4rSFFsYnBVeHJPM1E5WTFCVzB5REI3RktKYk44NVVXZUJiSHMxQ1Ztdi9qVllHd2JKeEdDYTFtNXBTdz18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c18de337adb33812de4de326ba0f64698128593cddc004eaedcb9d161f7bff82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 735989
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wdHCUHxHSzJKSTVkdnk5YkFqWjh5T1R0b1UzMXVMblFWb3VLVThjNndHbnZueCtvTlBoT3VDc24rZ09YbHlzL2xmM3MxOTVZd0VaeGhhZTdnb1ppc0MzRHBhZGxZZWxNUUp1NHBqTnUwSEszdmxmbXRCK3ViaFNxdzRGQVVtRTdQZUx0NzFyZ0Ewaks0azJBMUVvanNvUlNDSGE2V1VKZXNkUHk3R3BNUjNYWEtBZjhiQ1FPSDhJaVREeGN1TEM4OFZtNXVBNW0wSldGQm9wb3AzcTBYcCthcWlBUU5YYmFpSi96U3VSZEkybzIyMkVMMUxPYk4rSFFsYnBVeHJPM1E5WTFCVzB5REI3RktKYk44NVVXZUJiSHMxQ1Ztdi9qVllHd2JKeEdDYTFtNXBTdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 259114
content-length: 0
expires: 0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame CD68
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

79ms
27ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6073
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OATEOTwHRPKBYQ9vcvwksd%2BpP16FXj4y%2F8mh3gQErx3b8Ru7AiqyhTN8K%2FCUfTCJ%2BSGjjqujFoEALIb3byCP1ZqKiQ2SE0MUqK%2Bi0f8k%2BtIAdZRLdcUiAuu7YQE7btr4RrUiQRbQ%2FIUBuimh6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7db02afc0d6f3a94-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame E8C6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=n_eAvl9BUE4zdEdGclo1MTk5RHg0ZWNuRkJBdUxzWHlQM0dxVkwxRFVZTE1OSWdYYm9Ec2tqZ2dOdXdmWW...
https://mug.criteo.com/sid?cpp=sVGXH3xNWHN2VVYwQjNDZWlqQTVaRGtzTnVhUHBQYW9HbDNUNWVWbWw4WFpYWHdvS3BYK3FZYWFKL1RiMlFpMmpxT0RldzZ5YzlBVjdrS3JNNXNhak43T0Rya1JmK2tzWWxUbURqQ1lXR2FMb3JTU0tsUzJvMXhxdkdtc0...

431 B
646 B

27ms
26ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sVGXH3xNWHN2VVYwQjNDZWlqQTVaRGtzTnVhUHBQYW9HbDNUNWVWbWw4WFpYWHdvS3BYK3FZYWFKL1RiMlFpMmpxT0RldzZ5YzlBVjdrS3JNNXNhak43T0Rya1JmK2tzWWxUbURqQ1lXR2FMb3JTU0tsUzJvMXhxdkdtc0poRHUzdld2Y3RWbGxMUGoxdlQ4b25CUENFbG9iTUdFM3I4bjRHeUtHcEVLNFlJSHcrenFYVWhhcnorMWZWdlFHdVlRL1ZCVWcxWmppM3RrT1hZRS92VXNkM2xDQVZxK0c5QzR6UGhMYmJmNWw0cEt5czBCVHJCSTZ2SWxTTk1jcUtyMmttczk0bmdOWmYrSTdWeXcveWVLU0U0bkZZQT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90c3de5e4f3905fb379b7c84f847a3c0758b1c65af40a5690a1c849bf050b75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 696819
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sVGXH3xNWHN2VVYwQjNDZWlqQTVaRGtzTnVhUHBQYW9HbDNUNWVWbWw4WFpYWHdvS3BYK3FZYWFKL1RiMlFpMmpxT0RldzZ5YzlBVjdrS3JNNXNhak43T0Rya1JmK2tzWWxUbURqQ1lXR2FMb3JTU0tsUzJvMXhxdkdtc0poRHUzdld2Y3RWbGxMUGoxdlQ4b25CUENFbG9iTUdFM3I4bjRHeUtHcEVLNFlJSHcrenFYVWhhcnorMWZWdlFHdVlRL1ZCVWcxWmppM3RrT1hZRS92VXNkM2xDQVZxK0c5QzR6UGhMYmJmNWw0cEt5czBCVHJCSTZ2SWxTTk1jcUtyMmttczk0bmdOWmYrSTdWeXcveWVLU0U0bkZZQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 244788
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F8F 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6FFE 783 B
536 B 31ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b71b8f4f87a5e731d1e12323ea93b3dc032132e1eb48f2a3613b267558dea13e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V25EQJzUh8q4S7sW0yarFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-V25EQJzUh8q4S7sW0yarFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:53 GMT
expires: Wed, 21 Jun 2023 23:52:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F8F 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6FFE 0
0 55ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=901328187611937&rc=05ALyjir8k-4hyTZhPN74hyjgZzD90nswmsjObFsGQkGUeBfcHf8fUrTi-g3cEYn3zKQa7mMy0y-XLRJoJg-XFKYr8cbUSSnEejM7ICz43gWG2i13rWttCS52XrSBSc9YoucKdiicC8Equd_UlZDAXqdjhtUfYGUL9BSRkFNvt4lR4R2SlP6nwgCdE6YM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F8F 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EK_jCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je36e2&_p=625014394&cid=1138288519.1687391569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687391569&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=14
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 16C1
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

26ms
25ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 682
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lLVeHzlLOmvEtIuRZ4hnVYgwC767ougDVklAz0Bf1LyAXDVZ8qtma2WS2ETACVUUqdLc1wzpqoxXPyP2DbJMBNvksYZAOMQcquuYqDwcq58MmnC50428c6mB3mMR804zkhhR1CLw2hw%2F3LhaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7db02afe6b5d1da2-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame CD68 975 B
631 B 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11999
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8KFei6%2F08c0LogontstgzOi%2FYQU5NfgZeT7dKh0CSTgchFOCqLkSF867fZwz0KwKpCvptYGQk14LF9XXxYr%2BigNSCiGpDFVbJEpRDtuVIeKmLC5ou7Rqo%2F5dXbfmErTSMCtiIgVN5h4OIVFMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7db02afc5dcf3a94-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame CD68 46 B
486 B 452ms
111ms XHR
text/html 192.96.203.13

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f844ab0f39c9e90cb287a89510f46503bdef3ba338faa4a681759c2d9681708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame CD68 686 B
1 KB 380ms
193ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&adid=ad-BE7A8D43EB8B26491AD93B7AD2AB466&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4377209311157424&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: cd1cacedcdf1b25f1202abe3da43d2677408f6c46b84c938cdb630bbfd129dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 686

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306200101&jk=901328187611937&bg=!-fql-q7NAAYQ3eRoMN07ADkAdvg8Wt3p-IaxLLIaMa1TePchQIKfdlBWJ2hQEFaWZBV6C4fLVAyKVJrxaF1HUoLa3TYwKhVV34ECAAAASFIAAAADaAEHmQKan6niAJTzrZnd10Ok2wM0jCJzWvpU7n0VG_SFVFnYc0bUbUhwxunBBpRRd6_Zh3qmtjIHvfbZJPGjPRNpJVNeWxqvpIjAGo0VEwo3OZL34ifJZh5mEmFNQ9HD1eV1HOspEQwly-82fMM2O1U1hLdPaXVd3hF6pHjMw9b720AsVfbjCLR_DcD8hT_laGWPJuKxEeOYVv8FihD8lChXmYh4wsWSNEL0030wl9zNHuNhE459viR8Gn1sSosskjH7Wn9bw6DEa5jMaPcA2xz6bnwDaca1TF7qBw8H5do4-_mxdePs40nvg2QbtU6QOHK3iovBAimbqL8ZGpA6EtD-VKWevRqRdVgZkYkyTlPaNh6KluZJ9mMlvRw6Hy-_V-8gt7N_fozOxdzBscemoA4tOFv5e_Q5nBd8EHADKxePugaDJGohIUxidXLOcLuGrGc77W5Kg4uTvncfD9hRj0jom2VQb8kVr8Glv4A8xL9mLcnvJPieizb_LGbOT7m59ELu_5OmRIZEUM5piHsyyWaBsNETRMeUyk_0-hDXZ2u6Ezm8a6IxiqBnEkiDmNXHiaP2PXR87ZskqXK5sIb96vHCtFw6xzeuk4-FAaJnP-hQzV8XgCg6CLnIJPOzRv3Z6gBDbpDVccvCcm6-ZjI5_UlrOjdAlYf4tAl48A6URfvWNaakMOSODHtL2S1KnSmATBEFFyVxVz2D_ysp6rEluFEBIVNrfa-Pnoje3ULd86EWFVVEr9bZchkl4DTUdP7LscaPn-K1BF7u6GaortRRi_4HNXbA8E3DbM82z_TJJ5b0XEfgK0hGxvawqxbMBKwrs5AGh24Yojxatp6S1HfUem7EQ4afgcJjE9bp3S7Eu3VgGvWKh3cpeGrtVxWk6Q0_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A393 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8uyty83zrahkt69m-Lw6IPmKV5em-y9G0u4OSrBhtdYNEqtRfNt6XkUP50iqMXE39thuWo5SWH6nUSv85GooI5JSyuswFmcAG3Z3NiOF1Gicmy_tw&sig=Cg0ArKJSzO0o-pETFWEJEAE&id=lidar2&mcvt=1000&p=973,365,1227,665&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230620&bin=7&avms=nio&bs=1600,1200&mc=0.89&vu=1&app=0&itpl=19&adk=2988576075&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687391569498&rpt=4328&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FD58 77 KB
26 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80487acd4e4d2c1139684319c373e99fcb743a6f061a3383ed31088ea17458b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26426
x-xss-protection: 0
server: cafe
etag: 328 / 19529 / 31075506 / config-hash: 4269681316764798759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:54 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 16C1 975 B
763 B 25ms
25ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFryOuIeLq8j5Yng4y0uzmy15nPj06mRbjA2lkPcxAu%2FRHCMfKGe0J%2BNvdMSUJ7OtzGl1S8vENcNl6TaV%2Bn%2BouAGNsKRwew4SFWGLs3RscQF0JBDxFazMjfPi0kfkhc%2B71a%2BG2ypGoivcabLgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7db02afeebb31da2-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 16C1 46 B
486 B 327ms
111ms XHR
text/html 192.96.203.13

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f844ab0f39c9e90cb287a89510f46503bdef3ba338faa4a681759c2d9681708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 16C1 686 B
1 KB 394ms
181ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&adid=ad-E2B64EDA2E2EEE771779EE992A288D72&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.2258855379028557&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3d1258c5f9ec4bc9982e6b207b1b9f8323a65d4e21bb18fb5448e07e396849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
x-width: 300
x-height: 250
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-sspid: 57aae886-3ad1-3ba2-a57d-a499cebf2ba6
x-adtype: html
connection: close
content-length: 686

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ Frame FD58 411 KB
127 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56472
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 08:11:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame FD58 544 B
296 B 29ms
29ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:54 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8832 714 B
757 B 37ms
37ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 11494
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7db02aff4c411da2-FRA
content-encoding: br
content-type: text/html
date: Wed, 21 Jun 2023 23:52:54 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw2H8210TN%2FN7bY0MsaFGmFbSTYKOTAraM%2F%2Br%2FnMxWIgbq5GVkfVhvqGUZy5uaf99K3ajrU9AGtBbTD2sAY9LWABPwDEGuTtGoxIRwR%2BnefqNq1X0MZr5Dfgd0Pmxcoj2m4JSzqokf0ShQecxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DD31
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

113ms
20ms

Document
text/html

23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Jun 2023 23:52:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 21 Jun 2023 23:52:55 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame CD68 35 B
384 B 322ms
109ms Image
image/gif 192.96.203.13

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FD58 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FD58 149 KB
40 KB 329ms
329ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=328876107595183&correlator=3878097269459453&eid=31072020%2C31075506&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13860-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=4226398572&sfv=1-0-40&sc=1&cookie=ID%3D3002e27cca0769bc%3AT%3D1687391569%3ART%3D1687391569%3AS%3DALNI_MZn-MT97VkJ1mJpO8nT67PcId67nw&gpic=UID%3D00000c3277c2e9be%3AT%3D1687391569%3ART%3D1687391569%3AS%3DALNI_MaOwqCzCJZik1kjTBFBfWGU4EwVcA&abxe=1&dt=1687391575125&lmt=1687391575&dlt=1687391574451&idt=535&adxs=935&adys=1098&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=r5ouh4ywxxnn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ref=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&top=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=23&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1138288519.1687391569&ga_sid=1687391575&ga_hid=1327142818&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYzoqAg44xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOGJgIOOMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTMVo0VFVaaFZYUlRlbGRaZW1kclFYZzRVRFp6ZHowOUluMD0Yto2Ag44xSAASGQoKdWlkYXBpLmNvbRjhiYCDjjFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7a036df3bad34d7b60df92053567bfadb28f0d79a917aa17f58c28a5eaed07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40538
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FD58 15 KB
11 KB 33ms
33ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a93fa27432d2c2ef9ed94cc2a7e22436cbfebd4f8a384b46139ba6475cd6979e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11242
x-xss-protection: 0

GET
H2 200 container.html Show response
90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 20C9 6 KB
3 KB 57ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8832 77 KB
26 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a95637652a9d25913ec9d9b768d09b5d12d30f6bfc86d1a7274602303c7732a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26425
x-xss-protection: 0
server: cafe
etag: 578 / 19529 / m202306150101 / config-hash: 4269681316764798759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FD58 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ Frame 8832 411 KB
127 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17914
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 18:54:21 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 2A16 714 B
761 B 31ms
29ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 11495
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7db02b010e331da2-FRA
content-encoding: br
content-type: text/html
date: Wed, 21 Jun 2023 23:52:55 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOYJ7kkiKWW4zJc%2FORViZkZ7qIWPDh1Z1EhRICUI8ivFqQQMik6GjOH4PQP%2BPxWp4DfqISiqXCxWcRKCg3c2nPTXZeqY%2Fu7%2BQQfMf9dl82asTqRRmxELdvFy%2BZxj1TqXIRVkYdRF7s6IlefQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 16C1 35 B
384 B 325ms
109ms Image
image/gif 192.96.203.13

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1E9A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

61ms
19ms

Document
text/html

23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Jun 2023 23:52:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 21 Jun 2023 23:52:55 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 26BA 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84A0 783 B
535 B 31ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b7ed41eee90bf1deddda438941a80ef11a1d0ce79402cd977230a94f8e2e523

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zNHOSu-o7YXPElIUSnMpPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zNHOSu-o7YXPElIUSnMpPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Wed, 21 Jun 2023 23:52:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2A16 77 KB
26 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5d0781fb6e2cc6d83741e20c7cdc6c131fa87ed4c60a8e46943f4236469fbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26432
x-xss-protection: 0
server: cafe
etag: 358 / 19529 / 31075507 / config-hash: 4269681316764798759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8832 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8832 492 B
265 B 60ms
59ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2808762137455905&correlator=4188457472562454&eid=21065725&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1687391575273&lmt=1644386353&dlt=1687391575138&idt=112&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9931mk3011d4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1016121996.1687391575&ga_sid=1687391575&ga_hid=1738950041&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad522c9314404170655a838fa6c298330aded53a3a5a1f4ccb05d4a98cd1300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3EF 6 KB
3 KB 61ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C5C2 78 KB
26 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1197dfb6bf278d3f7efe99f939c603295a7cd81414056a384c39e9b53bb80aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26701
x-xss-protection: 0
server: cafe
etag: 308 / 19529 / 31075506 / config-hash: 4269681316764798759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DD31 34 KB
10 KB 19ms
19ms Script
text/html 23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f494ab2c9aad7526c2026f74fdb4e14126aeb288cf9130cbbe296a890323f5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jun 2023 17:17:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62589
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 22 Jun 2023 17:16:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1E9A 34 KB
10 KB 20ms
20ms Script
text/html 23.37.42.132

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f494ab2c9aad7526c2026f74fdb4e14126aeb288cf9130cbbe296a890323f5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jun 2023 17:17:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62589
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 22 Jun 2023 17:16:04 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 26BA 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ Frame 2A16 393 KB
125 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48161
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 10:30:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84A0 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=328876107595183&rc=05ALyjir8k-4hyTZhPN74hyjgZzD90nswmsjObFsGQkGUeBfcHf8fUrTi-g3cEYn3zKQa7mMy0y-XLRJoJg-XFKYr8cbUSSnEejM7ICz43gWG2i13rWttCS52XrSBSc9YoucKdiicC8Equd_UlZDAXqdjhtUfYGUL9BSRkFNvt4lR4R2SlP6nwgCdE6YM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DD31 284 B
536 B 129ms
20ms Image
image/jpg 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1E9A 284 B
536 B 126ms
22ms Image
image/jpg 69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ Frame C5C2 411 KB
127 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56473
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 08:11:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C5C2 544 B
296 B 29ms
29ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc&ppc_eid=31075027

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 271
x-xss-protection: 0
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8832 15 KB
11 KB 34ms
34ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b3d68ea3b6938282166865e66312a6fba72da5deb10a6bf6e13c0a51835481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11282
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2A16 64 KB
24 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

316670143a8e613e747de47e2e126f641e74ac87619b467022d68bf998beb1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1176
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24459
x-xss-protection: 0
server: cafe
etag: 4416550086102693720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jun 2023 00:33:19 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2A16 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2A16 492 B
265 B 57ms
57ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3581039659022826&correlator=908748303336225&eid=31075507%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1687391575425&lmt=1644386353&dlt=1687391575229&idt=177&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=fqh7cfz73ol5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&rumc=3581039659022826&rume=1&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1015172439.1687391575&ga_sid=1687391575&ga_hid=1261479464&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3781d82bf13a220ea87b7a04df3592e7607b223f401c1608afaf16f890a344d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5352 6 KB
3 KB 44ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8832 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C5C2 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C5C2 42 KB
14 KB 148ms
147ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3605921774928925&correlator=3966898366801245&eid=31075027%2C31075506&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13858-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3402753430&sfv=1-0-40&sc=1&cookie=ID%3D3002e27cca0769bc%3AT%3D1687391569%3ART%3D1687391569%3AS%3DALNI_MZn-MT97VkJ1mJpO8nT67PcId67nw&gpic=UID%3D00000c3277c2e9be%3AT%3D1687391569%3ART%3D1687391569%3AS%3DALNI_MaOwqCzCJZik1kjTBFBfWGU4EwVcA&abxe=1&dt=1687391575460&lmt=1687391575&dlt=1687391574863&idt=588&adxs=365&adys=1098&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=lbw2mq22a1sm&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ref=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&top=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&frm=23&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1138288519.1687391569&ga_sid=1687391575&ga_hid=2049883845&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcYzoqAg44xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOGJgIOOMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTMVo0VFVaaFZYUlRlbGRaZW1kclFYZzRVRFp6ZHowOUluMD0Yto2Ag44xSAASGQoKdWlkYXBpLmNvbRjhiYCDjjFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549b5ec631bc0f0bc93bd2092124270a23afd1dd6eaa49c3c3ea695b9812343f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14767
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C5C2 15 KB
11 KB 35ms
34ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509fde281ac7707678e71c2d0cfe9fbf325e77ee9c6895572fec28006e786c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11377
x-xss-protection: 0

GET
H2 200 container.html
a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2D6 6 KB
0 57ms
27ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 820C 6 KB
3 KB 26ms
25ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C5C2 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E164 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C254 783 B
536 B 45ms
45ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2bea500bbd1bde9f162cbaad1cf118cee3dbbf164777a5959a17f3cabc5cdce8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K9EPBp1WQaaBW1k6M7ynhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-K9EPBp1WQaaBW1k6M7ynhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Wed, 21 Jun 2023 23:52:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2A16 15 KB
11 KB 42ms
42ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9942c9cbda1067e96892dd679d1b768be0e05850053a394ee83054a053557bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11385
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 820C 4 KB
1 KB 91ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 23:43:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 820C 2 KB
892 B 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:22:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 820C 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cn7l4V42TZIK9CvSB9u8PiKac8A23priVb5ap7uepEWQQASDSzIEaYJXKmYKsB6ABhZ7evQPIAQmpAo1gQwYnbbI-4AIAqAMByAPLBKoE5gFP0N5xlgqMAk7peY8e5iFLGP0uJLVtILvoBQ0p0g56NMUj3HNrcy6pwv8zvWEK0X60Rx7B8ZDWNDSTeUAJoXqtGAa9mTKR8vCAhQH0QkZcozdTGhbsl6ua0z1Fj4H-mTlC2dnN3tjLB27o9wOFmlAUD9nq8x9XUNJa1ExdUJxqN2VWrq4Gt7C_NFX50ANSqyFGaKaihwj5o2h0StJMZNGyDPSMvBy_Y3raKyOVS2k_ypO_Lql3euIVa_0rqJG4fw6VSpYDf553OoQZt8Jc0LOnV7pgirwFr6Agoh1JKLjNyRazA3ozwsAE3qPDlZwE4AQBkgUECAQYAZIFBAgFGASgBi6AB-PhoUKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDl4QLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBmAyt98-MoQSiDAgqBgoEw7CxArgTgwTYEw7QFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=y53j2Ql9YGM&uach_m=[UACH]&cid=CAQSOwBygQiDPwRA6KT2ddZjJVHCc6L9QH1b1eqvSTBEZC_sNWnio4rWTgAhrGX8g9Ypyqq72K_ToYgK3g4pGAE&template_id=515
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 820C 22 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:49:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 820C 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8ABC 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 820C 19 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 820C 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9-zrDA78KbL9AdrjYZEuuTAPLKkCCTrJR0mLut62avWMC061Wsnx-eBEftftxhgwe4t8VYzzoTSRg-U-J_PnAmn16lg
Requested by: Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 820C 178 KB
56 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 820C 33 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A16 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=cdn.aralego.net&doc=complete&pg_h=0&pg_w=0&pg_hs=0&c=0&aa_c=0&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 17501025398366693693
tpc.googlesyndication.com/simgad/ Frame 820C 3 KB
3 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17501025398366693693?w=100&h=100

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c3d28cc00d795d32d5f0ff37a943ed34a585ee1317fd1fa52999fdcfe80df30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:43:26 GMT
x-content-type-options: nosniff
age: 518969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Mon, 23 Dec 2019 13:26:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 23:43:26 GMT

GET
H3 200 container.html Show response
a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C23A 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Thu, 20 Jun 2024 23:52:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A16 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js?cb=31075507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4FC 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58C1 783 B
535 B 33ms
32ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05c80fccab871c1cba96d9bf7ba6ccccc4067750fd2198d41fc989df945e1e38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yOkfhYG9ekfxMDBZgypbNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yOkfhYG9ekfxMDBZgypbNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Wed, 21 Jun 2023 23:52:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 26BA 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8zm2PQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8ABC 35 B
465 B 80ms
24ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA2BiE-6VBRT2NnaZTsRhEk&google_cver=1&google_push=ATf1kGOOhCOCjPkroWPzX34BW6NfjsrmiAiN1obi964cI3oP95sYXVKniDxiYLMBO7yGB_sPiNgcz_pHkC6HYdefdDFfzFe0PIc

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ABC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL_UsDi31DNX3MrWTuh712Q&google_push=ATf1kGMzHoI5c8vKfpCWesDc5kNmhs_7cKzb2y3JEEO3TKBPz6mOivcUv3...

170 B
188 B

30ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL_UsDi31DNX3MrWTuh712Q&google_push=ATf1kGMzHoI5c8vKfpCWesDc5kNmhs_7cKzb2y3JEEO3TKBPz6mOivcUv3ETAHO5M8Ba8qmur2IUvqAVCFzxV2z5rD7XRIgKhw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230024-FRA
pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1687391576.861281,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL_UsDi31DNX3MrWTuh712Q&google_push=ATf1kGMzHoI5c8vKfpCWesDc5kNmhs_7cKzb2y3JEEO3TKBPz6mOivcUv3ETAHO5M8Ba8qmur2IUvqAVCFzxV2z5rD7XRIgKhw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ABC
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEESrX7ZGl9UyE0T2kv1o_m8&google_cver=1&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcjC1mDSlVDK8tQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8214D880E4AE426E9A15AEF150EFB89E&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcj...

170 B
188 B

29ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8214D880E4AE426E9A15AEF150EFB89E&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcjC1mDSlVDK8tQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 23:52:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8214D880E4AE426E9A15AEF150EFB89E&google_push=ATf1kGOlR7aJ84zxHPg-Zja8MfQoaXUQEe7Z5EWy8dcADfKYVcKuAEiyXxSoW1AxHT5-ZgzC06BozAbNMpvHCcjC1mDSlVDK8tQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Jun 2023 23:52:55 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8ABC 70 B
265 B 156ms
45ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDaxFUhQB7Xd8YxvFLtUx5Q&google_cver=1&google_push=ATf1kGPJeXuCXC2yAOrZY_-caCjLffO-kfwjobXvYWx8Rv9a7395Kx4tHkHtpxWihWlMqsWE9L-BqdXl4qGVryFMlu0DLFmDIxU
Requested by: Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

report
sync.teads.tv/um/ Frame 8ABC
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELRitn9AwGxBWjtuVUZCJDM&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNN2QsauDsX6A0eup3B6kbL4jkYxLmKu_Z10x8xvdolc3q-GmnWiHKFTCO8nww1hqMUSKEhW1RrBDAH1kBI5BEXmEoaIp8Y
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

49ms
49ms

Image
image/gif

104.75.89.75

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.75.89.75 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 23:52:56 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ABC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9D...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGOHvqi44wu0IjEsLPSPJeY%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDAxMjUwODI5MzA0MzE4NjMwMw%3D%3D&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gB...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDAxMjUwODI5MzA0MzE4NjMwMw%3D%3D&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gBbWa-91zZRfGwlu2ZSKuxlE9S4MyvWhNX8TmU_uw2w0yVP7Z_VgGlo-Vvij6C2zSOkA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6d19be2b-cb07-4f14-935a-566164424a97
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDAxMjUwODI5MzA0MzE4NjMwMw%3D%3D&google_gid=CAESEGOHvqi44wu0IjEsLPSPJeY&google_cver=1&google_push=ATf1kGNneu27IWk9DqwqrKTUP8Yfcc89gBbWa-91zZRfGwlu2ZSKuxlE9S4MyvWhNX8TmU_uw2w0yVP7Z_VgGlo-Vvij6C2zSOkA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8ABC
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88O...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEt...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%
date: Wed, 21 Jun 2023 23:52:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8ABC 0
50 B 40ms
27ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ls3OmLm3YrEXY9Ue7wTMRRRLEbI7IyfWWTLoBGQIOd_toEdFZw67u80VhrSvzr-W32Et__LQDM

Requested by

Host: 90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
URL: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C1B5 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7WgNV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoE_gFP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarE6LWv4r-gRJ0aFS_P05ZIZsc1_iKSfOIm0lA9J7Stpc9p44rfD-eAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=sk9m4WpjlgI&uach_m=[UACH]&cid=CAQSOwBygQiDRgiz9SDvckM1m2ihnEf3KsbbM2Co9yAEUV0zrfubE51s1MlxWUGQl2GuJZ4ZjbDS4ow4LVJGGAE
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C1B5 0
0 96ms
29ms Fetch
image/gif 2600:1901:0:76b9::

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k3srg0k4hsa6s1h94de4z69smr40g6gv51wvfbemyg3rtag8cr51grxzh27gf01xpwna9awfz98vzjc0hz05748pkq8jqq5v84yrkewfmn8a71q1vq3wadbmhkegqxdx8vpgz3vc961jatahvba44gt5vq34m75c3xaa3b5wdh0dmv9g14fsjqn1ctgz985a8wc52tvptst331ptrpnq2wbg1at2y4zymqf3tkmtxe1hz1dg3r28cv6w7d9f3319vw2tr8ja32ksc90439t84egdtbndbgfxq88xn8a86ywrfj057xxjz4rj2yc1tyz9ndqp3r8g0d704z339ez7wz795fk7m2cm6d2ndwfb1cdpvkdakcp702b73p43hyy6v0rkfv3mf6dn0g&b=ZJONVwAHktEH_aAeAAXn0oJVu_6bOm1r8RvMDA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 23:52:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1CB4 2 KB
3 KB 101ms
42ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ca50e15d4058efa29c8683898c1c346d1ac6ba100979347f78323ddb39e4e891

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7db02b0519a568fd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C1B5 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 54E9 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C1B5 19 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C1B5 0
0 31ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGa56vxDR4nqU8xKnFlD1UC9nzM783kTO3Kjilz5cgmxCYvjLt4QYWFFvj5zSm3_es-4PXSSko07FQ5R3PJbX7fZGXsA
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1B5 24 KB
6 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jun 2024 12:02:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1B5 178 KB
56 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 23:52:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C254 0
0 59ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=2808762137455905&rc=05ALyjir8k-4hyTZhPN74hyjgZzD90nswmsjObFsGQkGUeBfcHf8fUrTi-g3cEYn3zKQa7mMy0y-XLRJoJg-XFKYr8cbUSSnEejM7ICz43gWG2i13rWttCS52XrSBSc9YoucKdiicC8Equd_UlZDAXqdjhtUfYGUL9BSRkFNvt4lR4R2SlP6nwgCdE6YM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame E164 37 KB
14 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E062 13 KB
5 KB 28ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4A1D 783 B
535 B 39ms
32ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c823e78251d4425d3b48d8667e4007f006dbdf1bf74373161ec83dd28fb6901a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zwL8CDrn1MSNCp6YAqEl4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-zwL8CDrn1MSNCp6YAqEl4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:55 GMT
expires: Wed, 21 Jun 2023 23:52:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 820C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21e3c52a8eb8497f56ca6a849f148a7b8b88505ca13e07be95cb82e29ac3c824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58C1 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=3605921774928925&rc=05ALyjir8k-4hyTZhPN74hyjgZzD90nswmsjObFsGQkGUeBfcHf8fUrTi-g3cEYn3zKQa7mMy0y-XLRJoJg-XFKYr8cbUSSnEejM7ICz43gWG2i13rWttCS52XrSBSc9YoucKdiicC8Equd_UlZDAXqdjhtUfYGUL9BSRkFNvt4lR4R2SlP6nwgCdE6YM
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54E9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKVbMNJsWzalt0Kek75miBg&google_cver=1&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1NDHymC9QhLM

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1NDHymC9QhLM

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 23:52:55 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOBZ3M0CoOCIp0thOmWjEAcACjvnwvRtlf-xfaxCqrvPiu_3Xphxl1Hv77Ru-vBlFtVa17FY_rC4r1aaXQ1NDHymC9QhLM
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 21 Jun 2023 23:52:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54E9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEESrX7ZGl9UyE0T2kv1o_m8&google_cver=1&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqPRDdEGjFLsFAI-
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A33D6510709842E5AAE96B11ADD046C8&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqP...

170 B
188 B

46ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A33D6510709842E5AAE96B11ADD046C8&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqPRDdEGjFLsFAI-

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 23:52:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A33D6510709842E5AAE96B11ADD046C8&google_push=ATf1kGNLcbL8HEavlkXqxiHs8rjJ2KEo88oL-a5JAqRiahoQagyZShyMSio_Mmzi7iSUAeIVoZAnOmzwL8_NxqPRDdEGjFLsFAI-
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Jun 2023 23:52:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54E9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_hm=ZJONV0Ow6a_o3aco72DGTAAADFoAAAIB&google_nid=index&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_hm=ZJONV0Ow6a_o3aco72DGTAAADFoAAAIB&google_nid=index&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK6AHb7lkY7TCYTky-AuZwQvaTrtRWiR8pR-Z8El-9iozB8HM2aVoT9yZKCgt0x4

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 23:52:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJLPfqn0OI8t0mG3VF2_-3k&google_hm=ZJONV0Ow6a_o3aco72DGTAAADFoAAAIB&google_nid=index&google_push=ATf1kGNbjpt27GJGoXk84aOkCiGarrI_zu6WK6AHb7lkY7TCYTky-AuZwQvaTrtRWiR8pR-Z8El-9iozB8HM2aVoT9yZKCgt0x4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 54E9 0
75 B 207ms
30ms Image
text/plain 185.86.138.153

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBia0VL8uH_Nfg0iyuqk6pw&google_cver=1&google_push=ATf1kGMDh8J66UTJ566e_QEtnMQPWE9ywIAw4bSGHMgY0mAS5f0Br9wPJeJ9GcrhmjoTRAFmv-haa9CoPhjvuRF7TvoimjQGkUh5
Requested by: Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 54E9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPhFyq65bvwPpCuXRBmF1qY&google_cver=1&google_push=ATf1kGM2mRvXw-1VIbQQmvrqK-jeKGgjuMwlS-hsc4rSTdPXYEOrH48o3xGE6pXo_ehGniQ05g5p8HddUMx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGM2mRvXw-1VIbQQmvrqK-jeKGgjuMwlS-hsc4rSTdPXYEOrH48o3xGE6pXo_ehGniQ05g5p8HddUMxwzZzyv3lbqpC-BJtV
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

21ms
21ms

Image
text/plain

51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 54E9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELRitn9AwGxBWjtuVUZCJDM&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPZ0L3b4k0QxkGWcE6ISEQcZwMK_7lrQPW-a_tUQtFvMDUWfihsBfZbJ9sJLvWrIrKA2j9PSnwwgn_wPHkBpW6g9ezBgmD4JQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

53ms
52ms

Image
image/gif

104.75.89.75

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Protocol: H2
Server: 104.75.89.75 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 23:52:56 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54E9
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEtZYM88O...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEt...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 23:52:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=ed2c029d-a764-47b1-bb30-13fdec35ad26&%%GOOGLE_PUSH_PAIR%%
date: Wed, 21 Jun 2023 23:52:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 54E9 0
12 B 30ms
29ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOq_qNdArZ8_ETtwBR92ZoEZIp3E0UL7aAljDkJw6YEaoqRr7HlUrHymwYNttjzI1qTb14c8gZ

Requested by

Host: a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
URL: https://a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 820C 16 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 363272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 18:58:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 820C 15 KB
15 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 524208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 22:16:07 GMT

GET
DATA 200
OK truncated
/ Frame C1B5 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 856755a53a3f19aa243c99898e80719d8e172627296b680d022da3430643fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BCE 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame E4FC 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 1CB4 106 KB
13 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 1078910
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn6d%2F28H1oOrQHrdK%2B6CjWYj1GvdsHDyAQUkFNn90zUIZulo2MX2zDILCR6ct9NRajp9mlsWQxQ2RHE6zrWdUbI40w2FE6F0t8Ns4Ufaez4eyALvl%2FG5nlYy%2BeNYtvetHz6%2B01RKPGM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7db02b0599f368fd-FRA
expires: Thu, 22 Jun 2023 00:52:55 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1CB4 25 KB
10 KB 49ms
38ms Script
application/javascript 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122817
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl%2BmODogdOGGJWwSZpqmAhHf%2FTU6UbnzErDwYrnhR0OH%2B2TyF3nCFyis0RX3Vh6IuyN%2BsdNKvSm833KlnPaAac73disxtKino649Q3KIFNANynWEoIRMrxpNdTFTNJoJBweb4dU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7db02b05a9f968fd-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Jun 2023 13:46:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A1D 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=3581039659022826&rc=05ALyjir8k-4hyTZhPN74hyjgZzD90nswmsjObFsGQkGUeBfcHf8fUrTi-g3cEYn3zKQa7mMy0y-XLRJoJg-XFKYr8cbUSSnEejM7ICz43gWG2i13rWttCS52XrSBSc9YoucKdiicC8Equd_UlZDAXqdjhtUfYGUL9BSRkFNvt4lR4R2SlP6nwgCdE6YM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1CB4 3 KB
4 KB 91ms
31ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2539
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3tp2Fa680HygkOHNiGfEVG%2FCt6EG2psikeSmTTDuPtpEBho2Mbzvff3G5nZ%2BgSjhDG%2FMcNKlbizP150z3ADo2SDZV9%2BTjs7gdzNFd%2BfVDAbQYzEtEWe8e2IZfkTe51yedoZVv7xA2atPvxRYRfG3xLn"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7db02b06fa949bb2-FRA
expires: Wed, 21 Jun 2023 23:36:45 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame E062 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:43:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:43:20 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5265 2 KB
1 KB 31ms
31ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46024
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7db02b06b81d9b8e-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 23:52:56 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lCnziAS%2F2oBuED5vZv9VD8wYUzZS5K9e4JcB3Ut%2B6uakp%2BCfYZOCLx2VfKsC1ClV0DdfpGLmP9b5tUKft3EQUIjAckOOMl5u%2BtPJXLQ1J6Weg%2BHDEg64%2B2HpIajcLUSdHCqBx4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E164 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cZhUEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E4FC 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sTaYXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 1CB4 1 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ef33c9b94707f1e99a5e8d9935f3b91d2ff2e7a0146a86adf719cf25934e7fa5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imEuTzvAS8DzY4E99FHmRKQjq9qu8Bro%2BeVaOawQbXnEJ0jzEV3Ix64mlvjW16o2BQylk4eZAav1FcbSrddZ8UEqU4N2ZfckWsGjPHeENEmLWVFZFXhoCR4sxQt1c5jpR%2F7NULQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7db02b082a4c37fb-FRA
x-backend-server: aa-reachservice-group-europe-west1-hkpl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 75ms
46ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7db02b07da2537fb-FRA
content-length: 24
content-type: text/plain
date: Wed, 21 Jun 2023 23:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sguiX12Iwr%2FU0e8CeRBjl9LJHXIR9WqZkMpGch4EfHusEZjfn8FA%2BJkmTNofErBlSf7BUZwxhahce7bdif0mb%2BzxiTjQ%2F5O0MEgdd2AH3ia1EAzwHHrwikO2IrEUlLL694INFRE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8jrm

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E062 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KtYZUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD58 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306150101&jk=328876107595183&bg=!cnGlcSXNAAYQ3eRoMN07ADkAdvg8WhLJ6Ro3hZmCyq17ldHp83ITXU48tYFUKTOB2Ev-6Os5BIr0x8wHoLmOzdyrIfUurlfKBMoCAAABtVIAAAACaAEHmQMVx-HbST8S2Ujt4Jq2-zVWszgBbrADq4ZA3Rgdlx6K-c4tqCZUioVfEzA92SXJyWoaK-3NZAHixWVMlMVx72-yVkipbpMIrt3tfXZTSXN4-9OCvx91tkl-L9Lmf6e2A1AtcZ9E9D_T-Hv7L1Yr5lS2kcJ_EzjEguzt4d3sBjve0b9pFAZOUtqpzNsF-GJzEwT-GH11uAyijPkFgF4St4RMJ9ZsVf9uq8JfkcwNPKwBdwGZRDiCfecIRe3bJLugIR4CI3ZBS9EX0wdfhRH3PfFq9C_kkCO1amI5dBxD8UT1JFgdv_IQhouc8aIv1GzW8_AX9Gvflv7zQ4mpqzZwVANvxMORHve-C4bxZW8OrFMjdu1l8GGPLyFQN9128Y-6sIcow6eBREmmidxhtRIfcYmLqvSJ8R1mAD7p3G-FBmD9mSFFKxtaedC1DG9tlMi5Nmkjn_aXgkq3vP7bFVvr37Cl1T-mMUeLFpkv_ZcpGBV7KrS0F5chy0IQyeapukoIuaHm_7l93gjmt9MlzxKNSfm3WMOgKJOJPY2kju1CMbIojooLupvbszIRsHoa5DGPYPFTVGHUzjSoTjS6wMPWVw9udAKbVb430eIVE4W3KVI58IT3NaEEFssApX6kYzVk6_r8KtV6eqHJz_VSJiYoT3yqeX4Lbf9JwAxoO4c6vTXaredj6B1u5KiNekWAboAo89frzvuKBp4MO4vZd9UNWSqApr3S2zpKxOGUw3foppcEqww_G4bIavhtjsQ9kAdQeZX8vYDKXq9EltgMSA7J8XaTklDj0Gnaj0HzJnAILynI7Q7s9TPPPm6EBIjjlMwczjS8cgRUWuShXoPeqCY41aFV-6aakEWEc5Mkb6FerFzBvgdX9JgnHyAQelWpvMgCPljUyY4ZpBZceHvfUogSOv50V2uebaxaUwIXzAnnXs4c3ZG14CVI6vReV3BvkXyezQsv1diHiUwjdLeKI6ZfV_xPxO8kkmg39OFzGhigmbB2GYdyGGAjeEVy0cOaxJvLtcGcRoXp5IIPWO_POsReYzyRM1OIP8Mr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6485 5 KB
3 KB 43ms
43ms Document
text/html 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

073824a9d3bf1e5265295fdc988257b74d28a8adde51a669e196c0161bbaec89

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7db02b0879319b8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 23:52:56 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 6485 106 KB
13 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 1078911
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNP2AX1I99HzMLqgYgFPul%2FnuTwCxMFCx5QDyyNrpDbgpNSTo4JPUmUFckviZmCfLatokNYSN3%2BjIhfEeOpjEfqI%2BvMGnbVTekKhR4pO33xlCt36ZLqO7TAz5WDnxo%2FD4qiNlGrI%2Fa8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7db02b08c9dc9b8e-FRA
expires: Thu, 22 Jun 2023 00:52:56 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 6485 5 KB
5 KB 39ms
30ms Image
image/webp 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168276
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmqGOw5sIveGt2pyVvQrbI%2BKBt5NMUt4%2BUBg%2FoV1lHdiEuQFQJxbLHUIvf2IYAXNM%2BtQHHV8QisarKhodhuk9OPegcTbfbKJbAt8FvD%2BCb9R50E30DBF4q98ZQuarLr1Jfgismrzo10Zv9QM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7db02b08cbf468fd-FRA
expires: Thu, 22 Jun 2023 23:52:56 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6485 91 KB
91 KB 40ms
31ms Image
image/png 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1918836
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s58KFV8xCaCTDub1B7ouCFL8Z4HnWWhk8NrV71f6XKJLr2CNq80RDzjs5qTBysVDX2HmjckFDBbINVKMd3gnS4pbV8%2BjxSsFq%2FkReSs9AWH20PNUvx1zLQ3D0jkD0PYE%2FgToc%2BKvAcy3gsrA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7db02b08cbf368fd-FRA
expires: Thu, 22 Jun 2023 23:52:56 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6485 2 KB
2 KB 177ms
86ms Script
text/html 3.11.176.98

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g6a73e7hjq3e93jqnyb20v1tdds01rfndt7pp4j18sy1vme7nan9gd263d78ysjqee4cr9w4r8artxxwrkpddwaqvx9419ydx1g17cemgqkts32z26892mfayxtpp26kjtbmx7fffxszjb4ztac3df99a9hpws38br043qz3dv257nvzg974hy6k8q4j99jffhrrpf6kzs30ea9gqe51kfjmf6pcqxmg6prv777c6qkx23trjjfnkmykq0axtnwqby0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%252526client%25253Dca-pub-4485239425924787%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.176.98 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 35306de44d3eca2dda494f4ea9078d75a707d2f242e63a9581d7923317adc784

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 23:52:56 GMT
last-modified: Wed, 21 Jun 2023 23:52:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 21 Jun 2023 23:53:56 GMT

GET pvClk.min.js
analytics.webgains.io/ Frame 6485 0
0

GET 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6485 0
0

POST csi
csi.gstatic.com/ Frame 2A16 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Domain: cdn.track.production.webgains.team
URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1687391876&Signature=o8ePeh22BBFDnqkX3dz5jPMKp5Bj6fU20ex6Pst9VjA6Zkn4uTWetrUpTV49HTnKT8TVqLOGyFaV8jtRilfeCX4nXqYtaIYAza0j9fCvmPHRZ9xNCBNjWCC1xkwcTt-RBeWuUHvuQxn-HwRgEZISnMcgeKSc5WYS1ncx2VF2-opF~lf8xb8B~-mMqyM4p2zIvQjfK5EQ39kWBcjk34CvJUyUGqUru8Tln20ih1nND0QmnbZa5hupSL2pLwMl3K5YkUoonMWSaCH-Rgmso6kwsGJ3b3ttvhqtBAMyoqMDnK4m-6MXf~PI0Ea9g8pzr6O0BDwwoCutAxlDAINiqnwO5Q__&Key-Pair-Id=K28VXAGA7VWE0O

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lj6ddkgx&c=3581039659022826&e=31075507%2C31061691%2C31061693&ctx=1&met.9=1.3e~2.5v~9.0~3_1.6i~7_1.0~4_1.8i~5_1.8j&met.3=74.5z_1~947.60~43.60~947.60~6.60~91.60~95.60_2~77.5z_3~724.64_1~894.66~1132.6c_6~808.6j~808.6j~646.8i_1~800.8j~800.8j~800.8j~800.8j~800.8j~801.8k~801.8k~825.8k~355.8k~825.8k~647.8k~965.8k~112.92_3~94.ax~947.c2~573.c2~598.c2~113.c0_3&met.10=1_1.CAAQABj___________8BIO0BKAA&met.7=CBsQCMABy9_LwQY~CDsQChgBICMoIzBKOCdoI3BIeOzQAYABwM4BiAG66gSwAQG4AQPAAeLN6pYJ~CEMQChgBIHsoezCbATggaH1wkQF49-cHgAHL5QeIAcbFGLABAbgBA8AB-qKrrA4~CCgQChgBINsBKNsBMPEBOBZo3AFw8AF4t8EBgAGLvwGIAZf_A7ABAbgBA8ABm-H6cA~CC8QBxgBIOABKOABMP8BOB9o4AFw_gF4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CA8QDRgBIOoBKOoBMKQCODpo6wFwowJ4lQSAAekBiAHsA7ABAbgBA8ABv96a6wY~CBsQCDiKA8ABy9_LwQY~CBsQBRgBIOwBKOwBMJoCOC5o_QFwmQJ4iReAAd0UiAGSMLABAbgBA8ABz8Lh4Ao~CCcQDRgBIIkDKIkDMLUDOCxoigNwtAN4pVuAAflYiAHydbABAbgBA8AB8_LLrgs~CBwQBhgBILMDKLMDMOsDODloswNw6QN4rAKwAQG4AQPAAZSE4rUO~CCcQChgBIIAEKIAEMKEEOCHAAeLBm9oF~CCcQBRgBIIYFKIYFMJgGOJEBwAGZlZ-gCw~CBsQBRgBIIcFKIcFMJkGOJEBwAHPxtriAQ&met.1=1.lj6ddk7v~6.1~7.1~8.1~9.1~10.1~12.3~13.w~14.x~15.y~16.19~17.19~18.19~19.ax~20.ax~21.ay&qqid.1=CPHezrvH1f8CFY-A3godatIJgQ

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 17:02:23	Name: _GRECAPTCHA Value: 09ALyjir_cJnJNT1LrVRl82nt0JVVVjjSkxQdjWV56u6JOxk-ADkm6ZModTtZ0eAtt6hasQ0F6mq1IDNgOl_BsKzI
reurl.cc/	1970-01-20 21:28:47	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b72cb31f233a69d69f82e269d57212d576f0a8d9b49213c827f47e3478d2c63707157b79b53ffef00d0dd2f64fb826ac1c15c26d74dc1c23e677c5880764371
reurl.cc/	1970-01-20 21:28:47	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b72cb31f233a69d69f82e269d57212d576f0a8d9b49213c827f47e3478d2c63707157b79b53ffef00d0dd2f64fb826ac1c15c26d74dc1c23e677c5880764371
reurl.cc/	1970-01-20 21:28:47	Name: lang Value: tw
.reurl.cc/	1970-01-20 22:19:11	Name: _ga_N394QBRGC0 Value: GS1.1.1687391569.1.0.1687391569.0.0.0
.reurl.cc/	1970-01-20 14:52:47	Name: _fbp Value: fb.1.1687391569203.1501194056
.reurl.cc/	1970-01-20 22:19:11	Name: _ga Value: GA1.2.1138288519.1687391569
.reurl.cc/	1970-01-20 12:44:37	Name: _gid Value: GA1.2.83471657.1687391569
.reurl.cc/	1970-01-20 12:43:11	Name: _gat Value: 1
.openx.net/	1970-01-20 21:28:47	Name: i Value: 295c4c15-a52d-4b35-98ce-0900c7c3fab3\|1687391569
.criteo.com/	1970-01-20 22:04:47	Name: uid Value: 8d3c331c-cfc1-4be3-8265-6a8395826a8e
.doubleclick.net/	1970-01-20 22:04:47	Name: IDE Value: AHWqTUkffmm9l7bzfzgV4RMRVtqOqwURfOBP9Knl3cj5ZW4pZTrIfTGzoswduiI6zJc
.reurl.cc/	1970-01-20 22:04:47	Name: __gads Value: ID=3002e27cca0769bc:T=1687391569:RT=1687391569:S=ALNI_MZn-MT97VkJ1mJpO8nT67PcId67nw
.reurl.cc/	1970-01-20 22:04:47	Name: __gpi Value: UID=00000c3277c2e9be:T=1687391569:RT=1687391569:S=ALNI_MaOwqCzCJZik1kjTBFBfWGU4EwVcA
.prnasia.com/	1970-01-20 12:43:13	Name: __cf_bm Value: NEEm35qpBUWh_RNibHXdPvKXk_ae4eXQ7D6MF2yVfYo-1687391569-0-Ad6Z3oeDA6H0bQ58Lb3BK2HMKrCFdgl2NOlD6AnG4FcQmJBgR47yWTkr/Vk2TGgDUDUTm3CQY63YDcGvfI1mjk4=
.hinet.net/	1970-01-20 22:19:11	Name: uuid Value: c01bcb74-500b-4f26-8402-f1714ae83cd7
.reurl.cc/	1970-01-20 21:28:47	Name: __htid Value: c01bcb74-500b-4f26-8402-f1714ae83cd7
.reurl.cc/	1970-01-20 12:43:15	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 12:44:37	Name: _ht_a546ca Value: 1
reurl.cc/	1970-01-20 13:26:23	Name: CFFPCKUUID Value: 6128-YmYP7R0CR0rq5zMvVYizIXqytXLouyXt
.reurl.cc/	1970-01-20 13:26:23	Name: CFFPCKUUIDMAIN Value: 564-QQMWndqWhKE0kfWg3JnwEgHfgzfCwqtf
.reurl.cc/	1970-01-20 13:26:23	Name: FPUUID Value: 0564-0042ce969b698ca27a4346bb8673fd5b4973eb9abafe2f593a5a13440c091cd4
.holmesmind.com/	1970-01-20 13:04:18	Name: Vision Value: 20230622-23:59,20230622-10,20230622-10,20230622-23:59
.holmesmind.com/	1970-01-20 13:04:18	Name: C Value: null
.holmesmind.com/	1970-01-20 15:08:09	Name: RK Value: null
.holmesmind.com/	1970-01-20 22:19:11	Name: P Value: 204924-CdtJdDVi3MpiXHkXJhmcfjCHjugHSTle
.reurl.cc/	1970-01-20 12:44:37	Name: _ht_hi Value: 1
rt.ad-score.com/	1970-01-20 22:19:11	Name: token Value: WpgeCTRRtKtLf-kvk2-fRLajFTiVQtwQ
.reurl.cc/	1970-01-20 12:44:37	Name: _ht_50ef57 Value: 1
.holmesmind.com/	1970-01-20 12:44:37	Name: fcm Value: 1
.holmesmind.com/	1970-01-20 13:04:18	Name: R Value: null
.holmesmind.com/	1970-01-20 15:08:09	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-20 22:19:11	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 22:04:47	Name: cto_bundle Value: Vu07p19BUE4zdEdGclo1MTk5RHg0ZWNuRkJMeFV0d1ZRb2ZNY2lUc2FrelNoJTJCOFlJT3FuN1MlMkJtSUFSeUhwdFNiaDZCVG5TS0RreFk4NU15JTJCTSUyQk1VaDRsaEJEYWQwUXpUZWtWV2hsdWtoWjZ6aXVRaEI1SUdNV29tcWNmS21WcnRySkdxZzMxNXlJWVQ1Tnl3QUIwSTlaTzNYZyUzRCUzRA
.c.appier.net/	1970-01-20 21:28:47	Name: _auid Value: 1LL3wZBMCyWWwOSQVY2TZA
.aralego.com/	1970-01-20 21:28:47	Name: sspid Value: 57aae886-3ad1-3ba2-a57d-a499cebf2ba6

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1kmva2eyct1yvwkfv7ypb11mfjsche82rrcprjy98js499eq42bpkf2wvv8z6hczfspce47axka7qfr74pv17x1nb96nq3hzdnmd1h124y0a9sq4vxsmda8w1k6wfzgm1j4b817kng0qn5ys3p4f2xygd0c4nr4nxc3brje9j6kzqcc9gmhns0g6pqeg7dnp7pf1qev51x2vy1jkpy1ac48zdyh4pjn40j3hy4r00swpx3gqv11v8kaaek3mr17bxewpvtz7r74g5w4vqad8rpfa11tq4qn8q5ng8jw28v7es1phgmxc8kf7f3evyqgvft96ssmjfgp8x0091vn7pj75mhrwqj8x637p8kqm35ykjxw0ad43vcsp8zmf1c1nbgd6azsrxzqrma1bwyrn0vz0s8rhcpej4aaf9sgsfresvqvds3a45xhp95jwdh5sn9pr7ejc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%26client%3Dca-pub-4485239425924787%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5&c=300&d=50&e=&g=e403037f412ae754fd94619aa3f556f8%2F8262950622702159921&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1687391576348&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jz66qwqpgamjjdn9gb3bz963cb7bxnjra560r8zn1cyz85qfg94gjhmd1gy2eqfn1x8qmngy488v7tp1vr60hxftdacf1az9w6mvmkze5kxbn7a92wd73jy6qnc7y6bnq3x2xtczy9fg5h34y5k420r3wz7ax8gnq0bpnjdg0zyf1xn159zm4hfdmwcmcf8wmxtm4y20m93ezdtbdag85gpvz41tbrssqhm42srcc9mpn6pfj7645wjp9s550zs65hgrakhvpkpmnh6fs3j57rd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7IPZV42TZNGlHp7A9u8P0s-X4AOQ4YGEXLaoworwAsCNtwEQASAAYJXKmYKsB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIRR-mQ8WayPuACAKgDAaoEgQJP0F2rHEBAxl6aI1dUo42Ii220mW42xjdQjZEVtImNlRXppiLqYiXjsAHpBcF0RPKjV2rN10UskwKteky86DUxRwHOMV8mPbURZ833g3PKs0IlMODTe6yI5HLFEzWlt3YwRLa9O61PXFB6217_SB5AHS6lX6mweb8YT4P_4PYEHq2eZy124UU8zdjc1xXHV7__cge7f8unk6A_Ar3YFegfDYSRxAJF4X_8DsyYACijVj00ziXdlYE-PyPHeortsaoMf_fTWxlSSQl53W-y27wCwO1EZ0LOarF4L0pqeBGWZ44CA2UurADriNl1Ja6xIFQ0VkbbFb93X8KtPiiDMaqNwOAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2c2tHvPj-O4UVYPr5eARrVElzdiA%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3fe4ca1b9b7691af6061552287e5c162.safeframe.googlesyndication.com
799ab191b5c01877d7208ac2796f9804.safeframe.googlesyndication.com
90d5354e7433e3a9f7fc4cbfafc0d670.safeframe.googlesyndication.com
a91889d57d11cef52096c9c14779e8cf.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
ad4m.at
adcdn.holmesmind.com
ads.aralego.com
adservice.google.com
analytics.webgains.io
anymind360.com
as.ad4m.at
assets.ad4m.at
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
c01bcb74-500b-4f26-8402-f1714ae83cd7.t.ssp.hinet.net
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.rawgit.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cms.quantserve.com
cnt.trvdp.com
connect.facebook.net
creditcards.com.tw
csi.gstatic.com
eus.rubiconproject.com
f7c3b059f0bdb07684081ee1204115f3.safeframe.googlesyndication.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i0.wp.com
img.gbyhn.com.tw
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-asia.creativecdn.com
prebid.scupio.com
prod-rtb.ad4mat.net
re-news.tw
region1.google-analytics.com
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent-fra3-1.xx.fbcdn.net
scontent-fra3-2.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
sync.teads.tv
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
analytics.webgains.io
cdn.track.production.webgains.team
csi.gstatic.com
www.facebook.com
103.132.192.30
104.75.89.75
108.138.36.34
142.250.184.194
151.101.129.55
151.101.130.49
162.210.196.208
172.105.235.90
178.250.1.11
18.173.154.44
18.173.154.80
18.176.174.178
185.29.132.241
185.80.39.216
185.86.138.153
185.89.210.153
192.0.77.2
192.0.78.187
192.0.78.25
192.96.203.13
2001:4860:4802:32::36
203.75.214.136
210.59.219.34
23.37.42.132
23.56.202.187
2400:52e0:1e00::1081:1
2600:1901:0:76b9::
2600:9000:2057:a200:1e:5c56:d400:93a1
2600:9000:20c3:ae00:3:1794:2540:93a1
2600:9000:2250:de00:a:e047:753:be1
2600:9000:225b:c600:0:e06c:e940:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:47fe
2606:4700::6810:fd04
2606:4700::6811:190e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c03::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f13d:83:face:b00c:0:25de
2a04:4e42::485
2a06:98c1:3120::3
3.11.176.98
3.120.51.52
34.102.146.192
34.120.135.53
34.149.98.30
34.160.81.203
34.91.62.186
34.95.67.231
35.185.130.121
35.185.136.122
35.190.36.98
35.201.76.93
35.208.216.174
35.227.249.156
35.244.159.8
35.244.196.223
51.75.86.98
52.193.181.52
52.223.40.198
69.173.144.139
99.84.88.17
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0165c15a2bedf362f02f1dd1835b5c625faa48d7c0807de80cc4dd3ca40de809
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
05c80fccab871c1cba96d9bf7ba6ccccc4067750fd2198d41fc989df945e1e38
0696c5e661e7c6a48cd7c8d06695a1a9080271fa630cee908d8383282e6424cb
073824a9d3bf1e5265295fdc988257b74d28a8adde51a669e196c0161bbaec89
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09299aaf77b8af3c9c495c7efcd6ccc7856441627fae28ebad578643c2502cab
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0b73cde4ad87b027277f12f5cbfe5fdcaf47a670c65c52d3fcda057897a8ac74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3d28cc00d795d32d5f0ff37a943ed34a585ee1317fd1fa52999fdcfe80df30
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
1a95637652a9d25913ec9d9b768d09b5d12d30f6bfc86d1a7274602303c7732a
1b66c2d27056ad044abb3b3443ed46f21ef0b6187628b777ba815850c55e2e3d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
20a78167d8c88d7e1d3917f78d9e664a4693b384f294fbaa496283f7656c7dce
21e3c52a8eb8497f56ca6a849f148a7b8b88505ca13e07be95cb82e29ac3c824
231601870aa05fe4984692f1da731878e254343bab9247496c0bd03104571442
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29e4e16d3198163f2b0c956fa4eeac49bd6df01a3086a7b2b48883d8e86837b5
2bea500bbd1bde9f162cbaad1cf118cee3dbbf164777a5959a17f3cabc5cdce8
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316670143a8e613e747de47e2e126f641e74ac87619b467022d68bf998beb1d1
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35306de44d3eca2dda494f4ea9078d75a707d2f242e63a9581d7923317adc784
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3781d82bf13a220ea87b7a04df3592e7607b223f401c1608afaf16f890a344d4
3970d64493daf2ddc2860fbaefdf2a9cd83c7ad22ca8c66b01164649deba787d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3aff857eaabb2aefb0444dee3642e34376dc8349403e1f207b19d28a2240822c
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f844ab0f39c9e90cb287a89510f46503bdef3ba338faa4a681759c2d9681708
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ab8b122eba50158f9724fae8a2bbdae1a22eeedf7984aa5a3bb1e9c5cf7358
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43ee064b51045fde1325550b5fff1d7f23a45aded7e601bc151d22e38d23e3c2
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44ead2bf273e09f7d836ec46d6ed6a856ecdd1ee544b0be7eab75e1763088144
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48fc6dfed13d9de13eff64788aea6e1a33febd8a74bdf01fdc4738dd19caaddc
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4be6845a718a4c6afc3b35bed4cdb1b777c713a62ebfa78954fc6bd86b68fadc
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
509fde281ac7707678e71c2d0cfe9fbf325e77ee9c6895572fec28006e786c1f
5153f72ad515627ca9811772d1a5965424ae3a3679269fad7de2f368be079ea4
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
5405641a82a2f8ea2c21a47bbe17d3a8cd12cb272974f4ef396ea8075363c109
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54599319e06f10619877473e0d5fa1247333e265ef38776ec8f00560d0dceba5
549b5ec631bc0f0bc93bd2092124270a23afd1dd6eaa49c3c3ea695b9812343f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
58eaf262bb1c0ad4234023a690594b66273f65ba2857341ab5a8547e5b3d191a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5ad88988f5871797f8a6ae266d8cf7449aaaa85007064bf7fcc256abb80b39d7
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60b4c8697c73df4d71743a99e6f78f0d9f62a2c8eea3bc1b59319adf52ba1348
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bf7e57ebc12f7a61aa36a8e4b4b25c8412f2212f91ff6f9b77d393245eecb1
63fc0c8b82e815845086a17bd7c36267a65a7d4ec5bed7fd9a564971242dae6b
6550a91820257882f785df34d823773b0c9ea18159231508b8d346150f41b081
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
67b3d68ea3b6938282166865e66312a6fba72da5deb10a6bf6e13c0a51835481
67e0b190ce0f7b6811c629b0b3ec28c8a6458101b5a2e51a859493601b2b32a5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
757df19f9f00e3c358e6f9b89ffdd2d462557810471182a4ae656c5d2aa378cd
7694573a86f303cabb2d2c27064dcaf58e0df866a47ccf73d14a6b682bf7450b
76af87dd66f4d56280df8478271dc2a505d1a7fd9c65c7e2215a22a3f656019d
789a3eaf046d5a2a635b25f95815ab35bdd8cca24c8eb8928c622bc7e948d996
78b0a06030378d763f8c3a76d6fc981f1e00b94adee2ba40ad533482644a574f
7a3a8ee1e9514affafdb69f1d7bf89b4762af1ddd13113ff3ef77113f3de0f8c
7ba3b9e9481b6e7e98d3d13ef40fa3d6daacdbbfebfe2b10ff549afe4a2f110f
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
80487acd4e4d2c1139684319c373e99fcb743a6f061a3383ed31088ea17458b3
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
83ef4b2f0ef3cbfe357017be8e759786eadc92ab0f2d51fd2642b8c5bd135902
84c0b447cee69b0835b94a1aa4c8fed05a2005721d401bc02aa3d70316f59e58
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856755a53a3f19aa243c99898e80719d8e172627296b680d022da3430643fbcd
865f95c6a053b2c70fc3add16e84645e1ba02c45ee62b6382b260c23dc5ac8e7
866fc88eb099deb7389ec3373dac9b521c5c3e03afdde0b1c4bbe607e61ee2ce
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
86e28e0666f518e6ca5a7bae09bde3ae6c88e74f7be7e6b61de7b30f33bbb964
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89e1934c1df1459e564ab6bbdfed91853d10bfb64f93a6266bfa8a007806e9a7
8af274c171647062d29744e679763f07957583da4aa6f9690aaee4c0132480ca
8b7ed41eee90bf1deddda438941a80ef11a1d0ce79402cd977230a94f8e2e523
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
90c3de5e4f3905fb379b7c84f847a3c0758b1c65af40a5690a1c849bf050b75d
923488cde5c00539e3d3a4eb3cdfd2b29310da7996dc3350da079e3245f3b94d
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
92d3fe1b9192f0e991eb6ed9421b2faf6722740f6a056df9a326574325d85272
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95ea6dd9b4a1ea51842a2445f692c6667d6a8f039bc8b6b84e2b8e4d47e89225
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9919bdcf392ccc6c02a6b13de955e3b72224855c5e2e755b81cee22bef8058bd
9942c9cbda1067e96892dd679d1b768be0e05850053a394ee83054a053557bb3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4253ee8fdd7f84329fc4b4e0c28d0fbc12d0019d2c784637ec1d108e9ef3555
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5d0781fb6e2cc6d83741e20c7cdc6c131fa87ed4c60a8e46943f4236469fbd9
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a93fa27432d2c2ef9ed94cc2a7e22436cbfebd4f8a384b46139ba6475cd6979e
a9da55d86383d540a6c01ec138c5e2d9ba556dc9377180db7353b6310ec14c2c
acf2315cf4ec52d9fcf59650288d70f8a1d678d9c961466e844a55cdb3012278
ad0eac93294381182482db743bcffb4fce826ca7972379ec10ad39870251ab26
ad7a036df3bad34d7b60df92053567bfadb28f0d79a917aa17f58c28a5eaed07
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef1df2144123d7e45ca32f656aa3584b6a06259ef3e132881be2e9ee9c71911
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b04074e2c31fc977c4c2a463b3839966b5eb6946a7823eebc795278c7e95c0
b71b8f4f87a5e731d1e12323ea93b3dc032132e1eb48f2a3613b267558dea13e
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
c0b077eea50c9e0b054c57ca0b4816e6b0bc28e333089a29ad4158f7de4c9f45
c18de337adb33812de4de326ba0f64698128593cddc004eaedcb9d161f7bff82
c1e9ca56cc6036265b475e203e47598e2ab91cdee075686ebeb30df76e57ede8
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c823e78251d4425d3b48d8667e4007f006dbdf1bf74373161ec83dd28fb6901a
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca50e15d4058efa29c8683898c1c346d1ac6ba100979347f78323ddb39e4e891
cd1cacedcdf1b25f1202abe3da43d2677408f6c46b84c938cdb630bbfd129dac
ce42adf01899c970e7e1791dc9c4665f8307e40bc6dc1dc7fd20041b8f5f44a6
d0c848867b9c9f41b3b680d67b4f6b1bb3b07bc4efda44e4e43a0f48c98b3fb4
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
dbe39df97a2e759d8ce3af4ea4a5f55d3b2cc1833c9a1998e1312dd9f50ad696
ddbab8dc75b6edbc11d871a5d5f215a73efb0a098410a1bd9153a5af037ab65e
dddfaae923516f156c8e87142ff90ec7a842c1731f144a48cd06157781e51938
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0540a96a3275114a67a6ba6685a53883abebf126522b434e024ce00e816e6cd
e1197dfb6bf278d3f7efe99f939c603295a7cd81414056a384c39e9b53bb80aa
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e1abb52bab5d55d71ea92df09578bc06ce4789822451547ee00aec5dda155af0
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1258c5f9ec4bc9982e6b207b1b9f8323a65d4e21bb18fb5448e07e396849c
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
e615adecfab746b03bbc503bd5a48ccb8c5a1c233795efe9a6ec52f49c72342a
e965a89fef019e8f3e71c90d8707eddf24c2038e7d9d55982eaba1f8053f4cab
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed43f477b638a5b66000d5ac48b187ea28c499c62a233e7bc7aba1fb6b9567e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef33c9b94707f1e99a5e8d9935f3b91d2ff2e7a0146a86adf719cf25934e7fa5
f494ab2c9aad7526c2026f74fdb4e14126aeb288cf9130cbbe296a890323f5ef
f49ee6865adfa19b7a80104eeeea91a42b07dc3f9bcef001ccb142da35f4ede8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8832a0ab9fbedbc095db1673eb945964f6ea6185f665c210130e38a757a5a8d
fad522c9314404170655a838fa6c298330aded53a3a5a1f4ccb05d4a98cd1300
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851
fe85409eda36a5f315752defa8018e664272fb359b1aa6461aeaf5627ddbef02

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

359 Requests

92 %HTTPS

44 %IPv6

58 Domains

94 Subdomains

73 IPs

8 Countries

5664 kBTransfer

13274 kBSize

36 Cookies

24 Outgoing links

Page URL History

Redirected requests

359 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

359
Requests

92 %
HTTPS

44 %
IPv6

58
Domains

94
Subdomains

73
IPs

8
Countries

5664 kB
Transfer

13274 kB
Size

36
Cookies

359 HTTP transactions
6 data transactions