urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/o0kM9q
Submission: On May 10 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 10 countries across 47 domains to perform 448 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 260085.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
1 151.101.65.55 54113 (FASTLY)
27 203.75.214.136 3462 (HINET Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
1 35.186.215.140 15169 (GOOGLE)
31 13.32.99.7 16509 (AMAZON-02)
34 2a03:2880:f08... 32934 (FACEBOOK)
7 2a03:2880:f17... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 203.69.60.97 3462 (HINET Dat...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 103.132.192.30 138552 (RTBHOUSE-...)
7 43.206.25.0 16509 (AMAZON-02)
5 210.59.219.181 3462 (HINET Dat...)
8 2620:100:a001... 19750 (AS-CRITEO)
2 162.210.196.208 30633 (LEASEWEB-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 35.185.136.122 15169 (GOOGLE)
1 192.0.78.135 2635 (AUTOMATTIC)
1 192.0.78.236 2635 (AUTOMATTIC)
1 34.149.120.3 396982 (GOOGLE-CL...)
1 34.102.176.152 396982 (GOOGLE-CL...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 65.9.66.43 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 143.204.89.50 16509 (AMAZON-02)
1 143.204.215.89 16509 (AMAZON-02)
1 13.32.99.3 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
2 6 203.69.60.96 3462 (HINET Dat...)
24 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
2 8 2a02:2638:d::d 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
1 26 2a00:1450:400... 15169 (GOOGLE)
43 2600:9000:24d... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 178.250.1.11 44788 (ASN-CRITE...)
5 52.197.3.36 16509 (AMAZON-02)
10 52.196.80.88 16509 (AMAZON-02)
3 10 35.201.76.93 396982 (GOOGLE-CL...)
1 34.95.67.231 396982 (GOOGLE-CL...)
5 12 142.250.185.162 15169 (GOOGLE)
2 2 23.212.211.47 16625 (AKAMAI-AS)
4 23.37.42.132 16625 (AKAMAI-AS)
6 6 192.96.203.13 30633 (LEASEWEB-...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
4 15.197.193.217 16509 (AMAZON-02)
6 2600:9000:225... 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
7 14 35.190.36.98 15169 (GOOGLE)
7 7 172.105.221.240 63949 (AKAMAI-LI...)
1 69.173.158.64 26667 (RUBICONPR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.227.249.156 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 18.200.127.67 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
1 2 51.89.9.254 16276 (OVH)
2 2 185.89.211.12 29990 (ASN-APPNEX)
2 2 35.156.89.16 16509 (AMAZON-02)
448 66
6    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.101.65.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
27    203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
34    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
31    13.32.99.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-7.fra60.r.cloudfront.net
img.scupio.com
34    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
7    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    203.69.60.97 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-97.hinet-ip.hinet.net
bw.scupio.com
12    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com
3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com
908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com
8    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
7    43.206.25.0 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
5    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-181.hinet-ip.hinet.net
prebid.scupio.com
8    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    162.210.196.208 (Hagerstown, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    2606:4700::6810:fd04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    35.185.136.122 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    34.149.120.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.120.149.34.bc.googleusercontent.com
www.rayskyinvest.com
1    34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net
cnt.trvdp.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    143.204.89.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-50.fra50.r.cloudfront.net
go.trvdp.com
1    143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net
stg.truvidplayer.com
1    13.32.99.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-3.fra60.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
6    203.69.60.96 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-69-60-96.hinet-ip.hinet.net
rec.scupio.com
24    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
26    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
43    2600:9000:24de::e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
12    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    52.197.3.36 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
referer-log.holmesmind.com
10    52.196.80.88 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
10    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
12    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    192.96.203.13 (Fort Scott, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    2a05:d018:d29:3605:fdf6:466d:232e:738 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    2600:9000:2250:b800:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
14    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
7    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
1    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.200.127.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-127-67.eu-west-1.compute.amazonaws.com
match.360yield.com
3    213.19.147.44 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    35.156.89.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-89-16.eu-central-1.compute.amazonaws.com
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
84 holmesmind.com
ad.holmesmind.com — Cisco Umbrella Rank: 111204
cdn.holmesmind.com — Cisco Umbrella Rank: 147386
referer-log.holmesmind.com — Cisco Umbrella Rank: 161916
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 148529
fcm.holmesmind.com — Cisco Umbrella Rank: 171551 Failed
c.holmesmind.com — Cisco Umbrella Rank: 116196
adcdn.holmesmind.com — Cisco Umbrella Rank: 156309
m.holmesmind.com — Cisco Umbrella Rank: 306709
382 KB
56 googlesyndication.com
02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com
908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com
321 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
856 KB
46 scupio.com
img.scupio.com — Cisco Umbrella Rank: 81990
bw.scupio.com — Cisco Umbrella Rank: 155485
prebid.scupio.com — Cisco Umbrella Rank: 80240
rec.scupio.com — Cisco Umbrella Rank: 107415
536 KB
31 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 744
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 371
559 KB
27 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 74883
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net
32 KB
21 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 43446
gocm.c.appier.net — Cisco Umbrella Rank: 2315
3 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 733
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
17 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
356 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
4 KB
12 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
fonts.googleapis.com — Cisco Umbrella Rank: 50
208 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
eus.rubiconproject.com — Cisco Umbrella Rank: 589
token.rubiconproject.com — Cisco Umbrella Rank: 600
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 42549
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
23 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
218 KB
8 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 31343
sync.aralego.com — Cisco Umbrella Rank: 2738
2 KB
7 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
230 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
367 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
29 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 7680
www.google.de — Cisco Umbrella Rank: 5171
1 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 260085
6 KB
5 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19178
863 B
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
region1.google-analytics.com — Cisco Umbrella Rank: 2495
21 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 40227
go.trvdp.com — Cisco Umbrella Rank: 31976
s.trvdp.com — Cisco Umbrella Rank: 32777
146 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
70 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 440
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
487 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2410
813 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
19 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
1 KB
2 re-news.tw
storage.re-news.tw
re-news.tw
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
58 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
574 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 60165
612 B
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 20527
717 B
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 28994
2 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3706
488 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5465
331 KB
1 rayskyinvest.com
www.rayskyinvest.com
31 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 creditcards.com.tw
creditcards.com.tw
64 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
98 KB
1 prnasia.com
mma.prnasia.com
37 KB
1 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 106230
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
81 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20490
31 KB
448 47
Domain Requested by
43 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
reurl.cc
34 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
31 img.scupio.com reurl.cc
img.scupio.com
rec.scupio.com
ajax.googleapis.com
29 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
26 tpc.googlesyndication.com 1 redirects reurl.cc
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
24 pagead2.googlesyndication.com www.googletagservices.com
reurl.cc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
24 t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
14 ad2.apx.appier.net 7 redirects reurl.cc
12 cm.g.doubleclick.net 5 redirects 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
reurl.cc
12 fonts.gstatic.com fonts.googleapis.com
10 c.holmesmind.com 3 redirects cdn.holmesmind.com
img.scupio.com
10 cm-dev-poc.holmesmind.com cdn.holmesmind.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 fonts.googleapis.com securepubads.g.doubleclick.net
reurl.cc
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
8 gum.criteo.com 2 redirects static.criteo.net
img.scupio.com
8 bidder.criteo.com img.scupio.com
static.criteo.net
8 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
7 gocm.c.appier.net 7 redirects
7 static.criteo.net img.scupio.com
static.criteo.net
cdn.holmesmind.com
7 www.googletagservices.com securepubads.g.doubleclick.net
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
7 ad.holmesmind.com img.scupio.com
cdn.holmesmind.com
7 www.facebook.com reurl.cc
static.xx.fbcdn.net
img.scupio.com
6 adcdn.holmesmind.com cdn.holmesmind.com
6 sync.aralego.com 6 redirects
6 rec.scupio.com 2 redirects img.scupio.com
ajax.googleapis.com
6 reurl.cc reurl.cc
5 referer-log.holmesmind.com cdn.holmesmind.com
5 prebid.scupio.com img.scupio.com
cdn.holmesmind.com
5 prebid-asia.creativecdn.com img.scupio.com
cdn.holmesmind.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
4 match.adsrvr.org img.scupio.com
reurl.cc
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 ajax.googleapis.com img.scupio.com
rec.scupio.com
4 bw.scupio.com img.scupio.com
ajax.googleapis.com
3 a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net reurl.cc
cdn.holmesmind.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
3 connect.facebook.net reurl.cc
connect.facebook.net
2 x.bidswitch.net 2 redirects
2 secure.adnxs.com 2 redirects
2 onetag-sys.com 1 redirects 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 m.holmesmind.com cdn.holmesmind.com
2 cdnjs.cloudflare.com ajax.googleapis.com
2 token.rubiconproject.com eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 mug.criteo.com reurl.cc
2 hb.aralego.com img.scupio.com
2 scontent.xx.fbcdn.net www.facebook.com
2 cdn.jsdelivr.net reurl.cc
1 2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 www.gstatic.com 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
1 googleads.g.doubleclick.net reurl.cc
1 908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-apac.rubiconproject.com eus.rubiconproject.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 stg.truvidplayer.com go.trvdp.com
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 blog.alphaloan.co reurl.cc
1 creditcards.com.tw reurl.cc
1 re-news.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 www.google.de reurl.cc
1 02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 storage.re-news.tw reurl.cc
1 ad.sitemaji.com reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
448 84

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
anymind360.com
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
feebee.com.tw
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-16 -
2023-05-17		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-04-13 -
2023-07-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
*.gbyhn.com.tw
GTS CA 1P5		 2023-03-29 -
2023-06-27		 3 months crt.sh
re-news.tw
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
tls.automattic.com
R3		 2023-03-24 -
2023-06-22		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-05-08 -
2023-08-06		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-05 -
2023-09-01		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2022-09-02 -
2023-10-04		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 66 frames:

Primary Page: https://reurl.cc/o0kM9q
Frame ID: 62A7E043FD05C9D9109DBA8E9B15BD42
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 1C1D5A1825F3DDCAA4F30EC391DABC29
Requests: 37 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: A0DD22A9DB7D676B4478AD9BF804F478
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.67
Frame ID: 6A3C623F18F3C38177C2228850610760
Requests: 16 HTTP requests in this frame

Frame: https://02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7F4E2075DB182D09E391BCB4E060965
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvLKREuNAXIxFjxfe9ESVinHAjoDzjwJgPiS85aYOutlaL8F2z-sflp3hqln3Iph9ssWuUexvLC9rolj3S0OauPXDxSSrkR3PSLaryVq_umXqWDJSSBzYPp2IIHsDLsDemZ6aYLGF_0f7wy5kGOYNThKswBO-KOy34I06YRadnq8YlMvACu7Y_r6L37_oH_pnwVQQeNjdCm6jyHnz8ysFzTwgFrZ1jJEFoTnWyk7C3DzcgHC90fDPgLlPwFM_dten5wWuIpAGdLuUz0MY2JBUTEbFDjQK5bOG_rfQyBFRon4QDtMtYSRs9fwynDNsJlUAZxva7WcQ5sIwAUvw50zP3rdo&sai=AMfl-YQ73ePqXQRowvqImIDTg6qAeILkWgjckEpYe5qL9eKxOa-3t9BGRdncEbN0lCloLT7WfSn1v19oUHjdGip6RxJCgqxIy6r3Cn7im34XawmHLF31sxtSBXDvQ2P7j3JsjJQvqNHEqnbJW_7abVfo&sig=Cg0ArKJSzO1l5R99f01HEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B3D6285F7EFADDC00EFD69267BF57A98
Requests: 6 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 6EC27DBA1D88EE2CA62C75392644DBB2
Requests: 22 HTTP requests in this frame

Frame: https://img.scupio.com/js/rec.js
Frame ID: 239BDCD4021188408E6287135701096C
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 0043F8352CD5083A724C0FCD6E4133CC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 0725ECB6A9434DCA78B3469B8A3B0723
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 53BB6307EBB6909665552D18C6ED6AA7
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkTLHVGYSXo5_te3-L_7quhgtj0KHOxt7v4yrskgVFicQX1CMlDAa-2pHTvnJEk7HtKV7k5Z7tu2RmAo5fNoXlgH5eVOFxMVyX9RxUsf0dOC0m-Uhf4sd88OZdJi2EyOGOdofour6-_W6qoeVEPLL2f5ocV41dzGXJSzg8QTMlfPstzadyOAjL-gK2Cvjl_KURjKcM0aylG0llyxmRhuwg7wIlhVriObTtQ2KZ4VN3AdXH8hIbWsa9drP3MWCaUM5Ck9Ph828SUMqq-w7gz9WU6m4Jdhdcjk2yALleHfHjskLF-oK__CBlCCh8srFlUCkGGuqNGWabiYxof-cSTU4dVAc9TXh6&sai=AMfl-YS1qZ0GHKe_xCIlCYaPjIUrnh2P_fwJlpTdnvntReN7fQMcXCDimob6g7fE8dHxF2k7V_Xm-e-w_yaTtD1TO9FVlxV6ByHLuDYJJBtNWkJKvrlAmEzEahnZLGkAbINKnPkU9D3ZDXMxUcKd-U0&sig=Cg0ArKJSzH4VScnM6HnKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C3F7A38A7C88282B8032C7EA0319DA39
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_RLdWOnw_r09rRIuWLzoWFCpkqM_H9NugtcuaGaYjzHT4QV2eZmXUMu78OphXpESGXYfZWk6g0NJ84fF40phEZLehvD6WJRz7nHoONJQQdZLRknZtOOBWLW8iz2PcRkn6vuujUDwKCOcOjaoRjdi7dIw4riV4rUNsC896PtotSy_pL0PN755Kvfu08FWqEETJJtPAbsToP8vJkI4K2hozq5U6k45jAdntRvGYnvQJ6viDPfOL5vgHK4lryWCmvEPISNVEf9ZdXerBo3SCjKOOEFDNVxUgwNgiiySXyTGm2Wj8q0kF5fQyfMhSD6O2Mhms0ToxIYRjf43zdkO9XuuxE86hFmq8&sai=AMfl-YT42JWbVG08OYDkdEmi8QHr8oJujHQpIxTd4jC5bJQ22OXibeIoPJ6WDxHxZXx5wJ3xdIQjHITX8ViEg7eYkuuPicMD5umnOhB3eOc_Izf2bLIDKZ3QMKjurLBdEgEWecjGopdrx5OLLf1nm00&sig=Cg0ArKJSzExvYXhsL4CwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4D14B4FA6919E6438FEB7350EB9587C7
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZSLHM8k0FQBFhtY3qVC9f3K717A3eL5ZL0Av2XMxwPBMi5ku5vjTtOvrN1SLQAeXXzbTIXS6DFQg5iq_djwGtFiOAOC9ld1FSt-V1ampIqYnRZHWeT18xWFJX3oVJfl793Ljk1F10Mk_o7ri4SiPz_gkHivYG5jNUmj9-m67qnrDp1OQzshgK25cfLkc_YGWf3hHTcYReMFjjJD1cyRVjqq78U9qZAu4ibwYaOHff_21SIYyufq1oGSGEfP5QYBQzax8j_C0yYnnJVZeJmV1nKO_ddyHXjLlbDdfbmqbYtEI7EH7MQLArHjYkpq3TND5SDbfMCZ46YoswXoq9ZR_ncBqggT2q&sai=AMfl-YTVGt0AxOx04DJ_ezgK-h-T_d1rsLi836y-quc_OSnpPX1NT0LhVOGoDs5IHRNWrKeEVwOsJUVywYxwZc56QtsI62md1VR0R8yPcpht1kYNwNF7bXmC-Rw5RJID9aBBj2DJ41uOxC0K7GbMaA4&sig=Cg0ArKJSzHI-Lfp1AexMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 537F91DE48773C69DA9F2B914CF26E6B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: D8A087FE7A7813BD047200D7CEBE7DB2
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 044A3EC4CCF45BB98FC08BDB9BF9D7A1
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 82516C0C4B58171AD4637CE307716D18
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 61DC0F245F01910DC242211C1A389806
Requests: 17 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: B4D2EDFCF29D50D80C2A5364F3EACDE5
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 9159EAF684E04ABEDE396548ED9EAC2A
Requests: 7 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: A985BA2C921C60AACF97A6EA09C22C6F
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 5A1AF3B0106AE4DE97A4AE6CEA94CEA3
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 3A8502D0BFF380D9AF686D7CF8DF201E
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 71009D9172798B2CD8C5355A195AFDB6
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: EC694FC6FD543B15929C550DFB963372
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DE9CD5E3CF3BDB4F5388B1277B9CDEEC
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: B9FA2FD2DF4F69E6DF7036893917514B
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Frame ID: EB86531C280148097453539BE2BAB993
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 2FDD28DEED504C8E497F5BF0CD22C3E6
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 1A69E33E09558699FAFD01AB2FDF05CB
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Frame ID: C3108A0B3504D3FC5607831DCC5B66A5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 22894238C4F63F3233584ECD223EEDDD
Requests: 4 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=52
Frame ID: F76351D796D7E189547B334D4F7CD761
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: D0518DCCB182B0528ADA81059107D4A5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Frame ID: 0D48D4570DF785B7CDCC8B8BD7675733
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 069C8A0EFB84610B47F37A5E9770FED8
Requests: 17 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 6E1647706C92DC6329AE95456598C427
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: FBD6350B3FC66551D3AFDB9C33181630
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 59515B67AD80DAF54AFAA5D6FFE4E2A7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F9E07F5AF3319C24D66364C94B2B7644
Requests: 9 HTTP requests in this frame

Frame: https://3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 15EDCCD094613A10246FFC645CA2E771
Requests: 1 HTTP requests in this frame

Frame: https://908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: D84915F856AF1E1ADD5D033F3D5D9132
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF5F2B47E9555CE3F1103370EE1CC4FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A55EDC0F26BBF9A0FD568214C31A2DD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12C5DE36DF64D196C63F22EE6AA45794
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A486D906A8449145F227E480EB19E38C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: D94B9AE5AD973426863C4584035652D4
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukVBk4AlbSvd0RiTEGus1-cGazhbWggBAOXqBegQIUxb67Ozm6Ir0xmv1OnbeqZ8CLtgZZzhgtgEAbn4WJ7L0wYAKTxwyry4ev-bjxc9Wcbfj60Ju2ZHbM3enDz3iLh49221hINYh5uOGpIp2thc6A2Lm2s5vVRWh3AbQrPY-9u-0qylY5p4hbVxw2DKIGt-CxFUYio_C3nex1rgsI7kEprFgygseUReye-RnaGmTnNekNsEZuBLotMVj4hjQYJW0JwP0xn0R9rCTTllQbMG-fwhjvzxK7nyxT7XVeKM7xy51cYTpBzEQblDWOQ-IhH7RphUwoD2tzsbjFSmCZS5RUDkCWVY57&sai=AMfl-YTJazrdxe8wIaiPn2-BUT-KYSrxduJrpkcy6WA6kz7WvpEYMOytMfZbRBmfDStn-S4OGScC7XxrBaNEjNeFgZ9IBt2WQtu10GKDT8pUAeK1N_619HekprBVhjUfEQ&sig=Cg0ArKJSzPbxDzBnXYduEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CD10A3C0EFA73DFE25B26BCBBFB8B638
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7820D7984B47846D8EC24623D548C819
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Frame ID: C0534E4C2971FEAA889631B0E4F1FCDB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 8ECE32298E99064719056049EFDB63E7
Requests: 17 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Frame ID: 3573EF20FF995A05B60784A31BC1F294
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C8BECCD95742E79FA6D3EC6E73011096
Requests: 1 HTTP requests in this frame

Frame: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 8D321B0C7097FBC92014C3FDDE71E765
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3A6CC0E798CBB50D4E5B7BC3A8A1C86
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86365398DA302C185283D7F71C9B9A63
Requests: 2 HTTP requests in this frame

Frame: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Frame ID: 8BA2C657CE88B133B1A4F5E7E07D4A4C
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7BBDEDDCD33841488E622A318BF0D82B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Frame ID: 4D769E5D952DC0F725BBCEC46CCB252A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C41D2F29E47E02B407B21F5141022CFE
Requests: 9 HTTP requests in this frame

Frame: https://2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Frame ID: 186B36B25AF20050372A6A74B0FC2868
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C272F2B974854B9F51F7322FC5109C80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75B5629072F4259C058085B2E2E023E9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu4pZXpFnqz41UD87-R5h9rI121ddN7NrEdXorc3MHDEDEEb4DV6vOog2SI-lIZ1iUxicujkhc6_aSuviTgFlcSXBRC3wK-qbQIuV-h4YQp2eYO-K89rAYJHRKcm5M7ePUdCLuo6MxfGHEOAVDtBx9iEADkVtw57DaQ130dzXY5YiucKff5Q3-bO1FNMtGIidTktPL2b-nUnSOCewjQhIdCbF0gotBsRHaIh24NpHUPWCKAmOnpKzK7wpunWVsRNS8SNC32q2iwfDPDfA7JIJzxTq8LP2qDm1uFIlaz8zrqFWmoF0Iif8efRtm7Ffws9SF_gw4UYyI4yz-QUdh4K-M9Df55iEZ&sai=AMfl-YQ1MadnCvJRdQv1dE3pYC2U4M4PHzNzE6eodGliprNIkLjAtBUr-dntT3l24-XXMDvUA4bk5au_3uGHkJgayI6thyfgHOZ8MMYrYcj7CHWWgTsd1N0amhBHtKUPtQ&sig=Cg0ArKJSzNpH81pdhkyhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A2796029AB4B0ACA5C5008704FBF57E1
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Frame ID: 043623171BDAF3E74601B53E9FADE45F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 0D4B8BD598747291B940513586B5450C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SécuriPass | Ma Banque

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

448
Requests

89 %
HTTPS

40 %
IPv6

47
Domains

84
Subdomains

66
IPs

10
Countries

5843 kB
Transfer

13503 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 112
  • https://rec.scupio.com/recweb/js/rec.js HTTP 301
  • https://img.scupio.com/js/rec.js
Request Chain 151
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=l9K__HxxZ1Z6dW5tOWRLRFRnUXJCZ0tJTlBURnhaV1hLVlJaRkhqSXpYVDBxeWlWaGJuNHJ6SGdjTTRmeDJucFB6R2lvdVZOTmxpYW15NG54RkRjYk1vT2NGSUIxb3RnM05IRDZ3RjdUczBIZFhyeFlyb1IvUXV2RThTOWNVUExURDBodGpHcVNmNU51b2hYalo2YzhxemVheXdFMndwQTIyRFBtTEZRWDhCY2ZpR1lodVByQ0VGMTlPUmNpSGFuZWhJTmdESkhBV2pvblQzZHRoTFhyc05VbW05ejBiazU4VkpnTlZPQy9Id2hDODdoKytBSXg3K05KM0lVaTZMVzVKYVNwVk04Yi8xOU9YR3NNTjVkZkJqZDZFUFQzb3dtS3NNZHZnU3lUUG9sMzg5RT18&cppv=2
Request Chain 152
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=grPvMXxCK2lUMnBVd1g4YXdSMldVcG9Ld1E3Z2JKN2hpdEVIZHF1YlVrOE1iN1l2cXlvUTI5Mm5LbjJ2bHlFNHhmRkxLRW9WZS9ReTdQODRTNjc4QkJJZTh1SFpac1U3Z3F2YUhhNndOY2lDMHpvcFEzYnpIT1JwOG84OGZzSXBJUFdBN0xEd1dmQUQ0Q2RXcDRRTWVybVYvNVQzSXVubmdzU1hvRmpqMEszVThRLzBrVnVMT3hZRzd2UjE0VHBraFhxLzFCMDRvMVMxTlpnZTJVRWU5VTdmbUl1MFlYeWxJRWIzMngvNkpIWTVHTDhsRUM4ZXhtQTJZWGZLeTBuUGZ2cnFCbXlOeDB4N0d5RGhVQUl1c3lFZVRUS010dTJsTy9YS3BEN3pEZUswRW0ybz18&cppv=2
Request Chain 173
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 175
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 180
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1JBMjAyMzA1MTAxNjUwMjA5NjA5MTI%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Request Chain 187
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 189
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CRA20230510165020960912 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4c7d0136-7929-37c4-be3e-ec2f37f0e7d9?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-mxRSMOdE2oXlIvU7R9yQLw5vkNGbYXRG8XHuwZY-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 205
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Request Chain 206
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=rdEaroHwASeSSOdDzlpbZA
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0dBMjAyMzA1MTAxNjUwMjA5MDcxNTU%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Request Chain 210
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 212
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CGA20230510165020907155 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4c7d0136-7929-37c4-be3e-ec2f37f0e7d9?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-mxRSMOdE2oXlIvU7R9yQLw5vkNGbYXRG8XHuwZY-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 216
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vuVLBjcmAAK-kbSGzlpbZA
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
Request Chain 294
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Request Chain 295
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Request Chain 322
  • https://sync.aralego.com/idSync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 333
  • https://sync.aralego.com/idSync HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 354
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
Request Chain 383
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Request Chain 384
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Request Chain 409
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
Request Chain 412
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOECMzfj-tajEp3yMORgI4&google_cver=1&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5ORsSEdblOxw1hNWAp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5ORsSEdblOxw1hNWAp&google_hm=II1KdWjITBmB7huvzsQxjoU
Request Chain 413
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF0wwuSamXiuvujgBR6FBn8&google_cver=1&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0jrAqPFOqSPXbzhd45IobfyjHDF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhIR041N1ktMU0tNEpPNw==&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0jrAqPFOqSPXbzhd45IobfyjHDF
Request Chain 414
  • https://match.360yield.com/match/ebda?google_gid=CAESEA-dtjQQz9-2PseYDR_OBvQ&google_cver=1&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQH05LcN HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEA-dtjQQz9-2PseYDR_OBvQ&google_cver=1&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQH05LcN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ChryI5lUTmymdsm7MiQ_7w&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQH05LcN
Request Chain 415
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBD3hZGsQgzQejt64YtbnqA&google_cver=1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1683708624442 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-40459809-b679-4d96-8f44-df4030acc15a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v%26google_hm%3DA0BFmAm2eU2Wj0TfQDCswVo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&google_hm=A0BFmAm2eU2Wj0TfQDCswVo
Request Chain 416
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAfC1Z4D-50wRGHcghb642k&google_cver=1&google_push=ATf1kGPVj3sXSy5jDBZwmdjqLP26z3WpurQDL8Y7IZuEQ9pbLdy1KEb-nd_rtXjebKnZzdclRjfTAl1J7Tc1Vo4PF-bAOi672mug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPVj3sXSy5jDBZwmdjqLP26z3WpurQDL8Y7IZuEQ9pbLdy1KEb-nd_rtXjebKnZzdclRjfTAl1J7Tc1Vo4PF-bAOi672mug HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 417
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2RWtrOuIBdrN0Ost-NtIDU8Vj-NOGStUrwSN14NEuG1p9jTEg694Vgt2SVWJ7933hzuPTw HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENSyokv3fTDGeDJ1RlymvK4%26google_cver%3D1%26google_push%3DATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2RWtrOuIBdrN0Ost-NtIDU8Vj-NOGStUrwSN14NEuG1p9jTEg694Vgt2SVWJ7933hzuPTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU5ODkzNTY5NDcwMjA4OTcwOQ%3D%3D&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2RWtrOuIBdrN0Ost-NtIDU8Vj-NOGStUrwSN14NEuG1p9jTEg694Vgt2SVWJ7933hzuPTw
Request Chain 418
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECgJlqMgN33Ei0NcXNlKaMc&google_cver=1&google_push=ATf1kGNVgqxmybE8E2VLznpGk4bVdF8JB-QRIiztc6SBbnuO4RVhMbQU-EhuOADUMZp-0K-v0Mnfu8_oiLhT7kwfRs1ixqXYzmkPAQ HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECgJlqMgN33Ei0NcXNlKaMc&google_cver=1&google_push=ATf1kGNVgqxmybE8E2VLznpGk4bVdF8JB-QRIiztc6SBbnuO4RVhMbQU-EhuOADUMZp-0K-v0Mnfu8_oiLhT7kwfRs1ixqXYzmkPAQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6cc06c1-0005-49a6-9704-838c78779f94&%%GOOGLE_PUSH_PAIR%%

448 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request o0kM9q
reurl.cc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f8ebe2eaaafd97f1bf18fab713d8d53e890c9fd0b09348c0a8d19c4d518b8390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:17 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://www.suaritmacihazim.com/wp-content/themes/work-pro/agrgrgr/index.php
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 08:50:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
3034609
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-gig2250053-GIG
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/o0kM9q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 09 May 2024 08:50:17 GMT
ats.js
anymind360.com/js/9479/ 		124 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

expires
Tue, 09 May 2023 09:06:26 GMT
date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
85432
x-guploader-uploadid
ADPycdslfe_8FVz3qATzgpPfGH9yZpZAfsQHbU0vLkVY30Lgkt_VKqNjM_QdbMB8jdEA50XJDv6VJjlcPxpqdD9vD2as
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31540
x-served-by
cache-tyo11954-TYO, cache-gig2250063-GIG
last-modified
Thu, 20 Apr 2023 06:30:15 GMT
server
UploadServer
x-timer
S1683708618.948126,VS0,VE0
etag
"952e4c8d56156d3e3cc5e40a9b199ed2"
vary
Accept-Encoding
x-goog-generation
1681972215759031
x-goog-hash
crc32c=h0V3+Q==, md5=lS5MjVYVbT48xeQKmxme0g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
31540
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
94, 2
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/o0kM9q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 09 May 2024 08:50:17 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:19 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db98a415b9c81140352c3d5cfdf0522c47b199a4fb206651bc1cce677f95a51b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82967
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 May 2023 08:50:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c311a11312e199b80645e0faf674b901a1b055da7deda8975871a9c903dc5db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24954
x-xss-protection
0
server
cafe
etag
172 / 19487 / 31074454 / config-hash: 10283026373551537385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:18 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:43:18 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
54420
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Wed, 10 May 2023 17:43:18 GMT
ad.js
img.scupio.com/js/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 08:47:31 GMT
last-modified
Wed, 22 Mar 2023 01:19:47 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
177
etag
W/"641a57b3-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
ONEaA8RxD3T8EIEAzz1qiNKB0oqr3_oxn9wfO0rj2gDPg0VFi_K3QQ==
expires
Wed, 10 May 2023 09:02:20 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 08:50:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
2283336
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-gig2250053-GIG
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
reurl.cc/javascripts/ 		412 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/o0kM9q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 09 May 2024 08:50:17 GMT
loading.js
reurl.cc/javascripts/ 		134 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/o0kM9q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 09 May 2024 08:50:17 GMT
ga2.js
reurl.cc/javascripts/ 		536 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/o0kM9q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 09 May 2024 08:50:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xas7t462UttaZ4KQq2zReFgDRO9yWBHo20f0CUUsx+LASrGgJN3d2MatTnNAirS4PPZJDu1vvAtEmNudtoyFsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 1C1D 		99 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf52685901e43d4ef0f97c590cad9066e283d53968f835add3f9521528c61e8c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Af0fFSvHDFMKt5xbFWVyIvAtMoDJmSgWARLhTlqBomDVLi+nreEDnI2CtHJZWRVdYs5v/V8mdT2g5gTCbDeikw==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
ec2542dbd2c36f584f663ecb375d31c4395d93154ab994c3cca3f6b5330a90be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1c33-zPPFccNF2Z8PclPhiCmOmc7GXUI"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7219
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 07:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6318
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 10 May 2023 09:05:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f69630ede703f500c5dee83d1cf15469265993951d2397c134da8f60af3cfdf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21388
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Y6Cg+JSuvLVcsdtz0H643qc5cYnHtmBh38EDheq+L6zwIyVfOqA0QCJfitWiTQYzUy9GknBXpnQOoUd3EOJ/cw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
17229.json
img.scupio.com/js/config/ 		461 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
2f40eec74eadfe630474d2e05285e9c8a8aa47eb1ebef18c176422f11709f3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:46:50 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
208
x-cache
Hit from cloudfront
content-length
461
last-modified
Wed, 10 May 2023 02:20:46 GMT
server
nginx/1.15.2
etag
"645aff7e-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
e_WZb36K91pyWOEGA24s89Q7n_WtSmV2jt-pQWI7Nl50135JkBVR5A==
expires
Wed, 10 May 2023 11:46:50 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.9919288848855705
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:19 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame A0DD 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.67
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1815
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 08:20:03 GMT
etag
W/"641a5637-14dfe"
expires
Fri, 09 Jun 2023 08:20:03 GMT
last-modified
Wed, 22 Mar 2023 01:13:27 GMT
server
nginx/1.15.2
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
Sf-5YsuuSWHT7AMAjII9ajLa70I4DjGpWh4fV5E6QU9AonStEvdi5g==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4598aacc92f06a61ae939c7190912dc237228d726c0651932b3f2a06ed4faf00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:46:50 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
208
x-cache
Hit from cloudfront
content-length
461
last-modified
Wed, 10 May 2023 02:20:46 GMT
server
nginx/1.15.2
etag
"645aff7e-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
FLkcV5tvQJYhxxu6-bhSnS3kEIpx4hvCKoR410WhlCRemLQSUmmkCw==
expires
Wed, 10 May 2023 11:46:50 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.08392552390543129
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 6A3C 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.67
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1815
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 08:20:03 GMT
etag
W/"641a5637-14dfe"
expires
Fri, 09 Jun 2023 08:20:03 GMT
last-modified
Wed, 22 Mar 2023 01:13:27 GMT
server
nginx/1.15.2
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
BE7mf4xbypLVF-wLfy8iwm7l2ku26bGE3eOSqxy6i7PaoZUwPAY6TQ==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A0DD 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2024 05:00:52 GMT
prebid.js
img.scupio.com/js/ Frame A0DD 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 08:45:21 GMT
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
297
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
sMGW07qOn_T1vkx8W31jVrZR5_p3SI2urXc92xM8hJA680u94Uxfew==
expires
Fri, 09 Jun 2023 08:45:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 6A3C 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2024 05:00:52 GMT
prebid.js
img.scupio.com/js/ Frame 6A3C 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 08:45:21 GMT
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
297
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
djkpMo6A2LkDiuE1yQsqwjML5P_P3DCTrZdlHXEb8gTW1TtBeXtjpg==
expires
Fri, 09 Jun 2023 08:45:21 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3580&_p=1607042825&cid=1234105094.1683708618&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683708618&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fo0kM9q&dt=S%C3%A9curiPass%20%7C%20Ma%20Banque&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21675
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Uy+LN+1rBSzajRoZzQEPtpn9y3e1tNa5gprqz492iG+lNpC9FECqb3RvwRptioJqciVv8erU2jUUF6Y0H0U31w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1607042825&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fo0kM9q&ul=en-us&de=UTF-8&dt=S%C3%A9curiPass%20%7C%20Ma%20Banque&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=944284571&gjid=2126665840&cid=1234105094.1683708618&tid=UA-102456694-1&_gid=2059435902.1683708618&_r=1&_slc=1&z=332298515
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1607042825&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fo0kM9q&ul=en-us&de=UTF-8&dt=S%C3%A9curiPass%20%7C%20Ma%20Banque&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTM4LjE5OS4zOC4xMzM&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=1234105094.1683708618&tid=UA-102456694-1&_gid=2059435902.1683708618&z=30951089
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 00:16:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30841
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
14660
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127480
x-xss-protection
0
server
cafe
etag
445900462459606666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 May 2024 04:45:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		550 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d286a87737ce10b4d9d59c7559319f7e941aa6578c497c3f09b54308079f0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-102456694-1&cid=1234105094.1683708618&jid=944284571&gjid=2126665840&_gid=2059435902.1683708618&_u=IADAAEAAAAAAACAAI~&z=1295180823
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fo0kM9q&rl=&if=false&ts=1683708618568&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=28&fbp=fb.1.1683708618567.323625289&it=1683708618397&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 May 2023 08:50:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
B30YN55-3KR.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/ Frame 1C1D 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f7bd306a36a6bd71f0e45a65367f0e48082255d89a849874c440bdf201a2551
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
omNgP7RWlWzODTv1QG2/IA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4906
x-fb-rlafr
0
x-fb-debug
gAC5pLaoDB6OyH2dIOdyPuMEH2uGmn8nmcZD4mJWQLa46N3PsomrLWFaFfmMg1jusccHs+XOmJEiEJJs8w2kmw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 May 2024 16:26:11 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 1C1D 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
yR41YqWUOjGl7RV6dXtyx0EOEojyT/oii9EJubOMxpb0ouBDAnJaT6S/aTXlG/3VHIpEXOdHLLfrIUU+rwU/lw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 20:38:00 GMT
5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 1C1D 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fl5R7gBdn+7q3joF/eO71w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6398
x-fb-rlafr
0
x-fb-debug
HNtEJv7VtsZbiSrijmRBJ46O0RfYUTVjPncF3VmAEwbAB4x25iQ7qk0x0Hm5SzC5nCUp4uUrUd32LlC2cWLXBw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 20:23:10 GMT
0htKf_M-dP2.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame 1C1D 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/0htKf_M-dP2.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
469a27a5bd460e05dfee49f42dbc0272fba339852731395328573b311dc173c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6r3FH+u29YB8eggsTK+c0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4886
x-fb-rlafr
0
x-fb-debug
CPK/4c0AnwgdR6Q2yGpbqacUjm4SgK173gQ+UCG+qOSv4nrDr15/bH+czn6LMcANmRr0M0LjNwNGXkDlSrk3DQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 17:00:54 GMT
0QRa9Kk4Ubi.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 1C1D 		305 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3464ee934f5f50d54db9567cd54320aa259dc2f8089c8dc6c5c9ca0442fa89b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h1SP2AkFOOYwjLhX1aQGzw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81777
x-fb-rlafr
0
x-fb-debug
Y1GMqAxqQycL2kSskEu6Cec1gMPPTxrTKSP+v+XiBATd4zmQ9BaIDW2LeGgjjAK21RdJ1SRmrQE0zqofllpcgg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Tue, 07 May 2024 23:40:38 GMT
sJvTQLcAhd1.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 1C1D 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/sJvTQLcAhd1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51921cc9790138c4c5bdebded2b985851dcadde426dafff65fb90da1a43fa97a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bxsoq7orTEwR5T0iLbqHrg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17837
x-fb-rlafr
0
x-fb-debug
trXlfj3LgMeM5zOWspJqPv99vkTDeZYZ0h9wXhE/klbOsRqz9LyfSrPq2EBowGrFasTJBHSlFNVR4RXpbx0yZw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 07:48:58 GMT
ZTqEpQsIUo5.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 1C1D 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ZTqEpQsIUo5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc33c22d4e5683886ae5bd007a5d7dc4550fc52149efa7dfb6eaab141f0022c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
It2aXAeZoSeS/g+6is4uXQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17491
x-fb-rlafr
0
x-fb-debug
RzYCt9nExyKfayzhmPrPA+oE9+nvowptTxbo45kOSl5YdsJGgh9daocu8Qx4Yj2mgSLmSb0MgUfaoYfWSIF+hA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 May 2024 04:56:38 GMT
W5ySmsJTMrO.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 1C1D 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/W5ySmsJTMrO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b366c506ee88c74e2c8b5605c596afe360f054f737099053888afbaf342ad80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hEDTHfoF5Nrl9247v5Hzmw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11620
x-fb-rlafr
0
x-fb-debug
sCVLEoxDuxoqXox+vmPRG1NxjvWcHNyzZIz+pc6HJQMJwmCl6t4nn2F80F2dQyX50t6xstCeWJ741FTtIKkl3Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 May 2024 16:25:07 GMT
-gWZYO1U58H.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1C1D 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/-gWZYO1U58H.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b20dfc629819cbd50f6e1875a263c09747b871b1bdd01e6be4fb97b43267fca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KX61GIz8tb1ShO7pgj9+qg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5035
x-fb-rlafr
0
x-fb-debug
CibXy8fCLXs+xZHXqDJTzckKRGq2Fib/8759Z0f4QWm68VyUxvjpy+6hNLp66xbkWJBYIwYXskZC44XR7N8U2w==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 May 2024 19:09:37 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1C1D 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
qCgnTEF6ZLk5W+kxP+e9WUsp/wRk8scarJXAO+5CMgqNRvdCm/8T3t6QLr8t7Pg0GvxsSqolURSZABqJVBix1A==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 May 2024 20:41:19 GMT
lBvUHGCuWXN.js
static.xx.fbcdn.net/rsrc.php/v3iLNf4/y8/l/de_DE/ Frame 1C1D 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLNf4/y8/l/de_DE/lBvUHGCuWXN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20afd36026d6215327cb696bc82bf62f8a9275c2bf5929fae4d65f0c20f3f1fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2iF4X6SLDCC/0+O108+H/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61603
x-fb-rlafr
0
x-fb-debug
LT0pIkW958L8F7Krstcg4w0qQIvkTWGuqGx2VMdaldcmK0COL38GaoYjYmFK/DAjDXWyn5IF+IXTy3BmoWhklA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Sun, 05 May 2024 03:02:54 GMT
g22CuEwm-7d.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 1C1D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/g22CuEwm-7d.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
36f09ceb25af8bbf8606d7a202c581652ef4e3fa750ac38214c17ec2fcaa99e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yjyCanw2SgGw0FSjblzDJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1887
x-fb-rlafr
0
x-fb-debug
YFnuafy8TsVqu4e6jYMHoChqnQQziVxGkzOLvHzSD+nh3AcUJzW9zXUK0c0Kj8HxCV3ZHQhW1lXtxqSKixZK3w==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 May 2024 19:05:02 GMT
uj3zh_ISVZm.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/ Frame 1C1D 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/uj3zh_ISVZm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2aeef005480752a3d08a34baf081380b8a21fa73a19f3836bc54f37a9fbefc7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MT9dFxRp+eu8UzzXdwd5rw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22258
x-fb-rlafr
0
x-fb-debug
/bhQ7OhJ+UhdSE8JGNTKuC5JUmpFKEwqd6KzwbUNiIUbLNAwfxIPf/QpDmQox8HSx4H+HUPc2KNvlr2edDEm3Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Tue, 07 May 2024 15:26:20 GMT
FiobF5X06D4.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 1C1D 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/FiobF5X06D4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ed4e5d75a55369e7f69611af38ade2e22affa5844aab9c759a19c6d69e03733
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8AJGcizK4TnTdmTa0BEeeA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3655
x-fb-rlafr
0
x-fb-debug
oaRPUCfMZz5Cy/UQCpM4Me71x9VebeZi2WXzJ5xpvmFkCJKm+gHbVXPZPYph6cyikBs+5PwmtP1NO9nlViyLbA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 16:59:31 GMT
P37SNqRrrCx.js
static.xx.fbcdn.net/rsrc.php/v3i2dl4/yt/l/de_DE/ Frame 1C1D 		329 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2dl4/yt/l/de_DE/P37SNqRrrCx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d86efc47e5f72d50883431b08ebc559e9ff4b7ab366c3bb10a402fcbe154f4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
INe3MrkhGFPtSJcmUCPU+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
79245
x-fb-rlafr
0
x-fb-debug
fTm4uaNA65OlSQ7RsICgQwIz/lJwelVqaoGyxAD2s2nKBgdqn0JE/4UrAxpZ2DjUDRGSWswyCwro3CIvZvH2mw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Sat, 04 May 2024 00:26:09 GMT
WhpYpE1Bgto.js
static.xx.fbcdn.net/rsrc.php/v3i6WS4/yn/l/de_DE/ Frame 1C1D 		410 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i6WS4/yn/l/de_DE/WhpYpE1Bgto.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6331282d1fbd0c91fd08bbf05c8849a1d5d0857599385931fe8cef4d586d9e3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iUkKwzc7g/Ktpfi2+d9knw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
98414
x-fb-rlafr
0
x-fb-debug
UvALCkJRZwfnatx2fWXv8XD6nt3OzCnAI69Gb/VD/iCYvUfXhHMnyibVJQdgGgFaq0DojJuh2vfGLste4XPYNg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 07:53:39 GMT
lYejkzyV906.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 1C1D 		723 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
naOE1m8tmTZ0fVAYNsTRiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
387
x-fb-rlafr
0
x-fb-debug
/4egI1vGMY4kyovh1d48VTLZuNOYVEEmPSy9W9u2roP+CIE50YQS1q8ikhL/d7+jjLOXCk5Jk4c2xe2M5MAkHg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 03:48:55 GMT
gScKQn1e_kv.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 1C1D 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/gScKQn1e_kv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d464da3ea767548eba585d8f21deb98208c72bf6b70dc9e9317c2b610dad2d30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qby/kZgmOZ9ZlV8WTFWZeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5138
x-fb-rlafr
0
x-fb-debug
ZerZwyjZAUpdDy1yz9B7wXN7/erPYrT4BRb8jjDvw9kpnzrrV5MKBzGBj5JvD1lcMT9RCwD6tCBCNBjNKUeC0Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 03 May 2024 04:12:17 GMT
QBDRiVjOWmp.js
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame 1C1D 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/QBDRiVjOWmp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef75043c121e8e3babf5d1eb1e1e740db401f7b0f698c5ab1c5b04ab0195a32a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SDhRiwehtd7IpHlY575y9g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7342
x-fb-rlafr
0
x-fb-debug
JaLTQOlNMec3WjqTg1SnWpYyQWNyPgMv6/jCKN4H8y/wH/MKAUvlj6BnEzHqj82udYs9hR9BBw3PAmmm208O1Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 May 2024 04:56:39 GMT
8uEiKEOzDF-.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 1C1D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/8uEiKEOzDF-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea305a5fd53962458bc3120e697f3fd174f35c7286ddbc7e63a34f4186390315
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mebeQlMkPFkk44C8B6A/sg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8600
x-fb-rlafr
0
x-fb-debug
rMEA+F2ezOYw+GDhAi8y+ONVncCoIUg+/ZXWzC7JCALfvalBC0+xfZHHBr8RADbk22dBRa5dqR8Um+e7Cd5q+g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Tue, 07 May 2024 13:36:47 GMT
7TQpq0fzfu4.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 1C1D 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TLChQoDhUYzpJFadDZTs1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
782
x-fb-rlafr
0
x-fb-debug
Hw052M5xjDJEO9B2tQjKvtRV3q0X8zJVdYiS30U9gBGpR1dm2sygcgHz4Yxdc4Kevw7etOiJUiH+B/3RFugoBw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 25 Apr 2024 20:18:04 GMT
h8ulkmpky8f.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 1C1D 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lbhbphR1BNPxW6RqDJiiow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15174
x-fb-rlafr
0
x-fb-debug
lk633JCbSkzzd1n3R/r+TQppz7RsTJU7PebkEADCiD7gmheaSa4VO/2Rj+LTo1Wu34DheCesBNx5R3W1LNRlSQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 03:49:02 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 1C1D 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=dd9801&_nc_ohc=JbhOFtBKvfoAX9gTHwH&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfAcLQ0NuWh4femJqLNL9jsQVYb-s_SEoTNecs4YM_gqYA&oe=6460B605
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-haystack-needlechecksum
1290236993
date
Wed, 10 May 2023 08:50:18 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 1C1D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=1T8OJP6TncwAX9pyENV&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfC0H6zmxeNsruDFnVHEcr73-kIhw6k4TRSZT4GF5LvnLw&oe=645F7595
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-haystack-needlechecksum
760809244
date
Wed, 10 May 2023 08:50:18 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
currency.json
img.scupio.com/js/config/ Frame A0DD 		108 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
50f1e9fb7e043b6cea564efa5f71a24218e8c3ffce1a33587007eafa8613661a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:45:48 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
270
x-cache
Hit from cloudfront
content-length
108
last-modified
Tue, 09 May 2023 19:15:04 GMT
server
nginx/1.15.2
etag
"645a9bb8-6c"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
WZdud7y_6cG5EDIkuC8txS6-p4YLlVFKnjWnx8SZwAVvK7nDfhtKhg==
expires
Wed, 10 May 2023 11:45:48 GMT
currency.json
img.scupio.com/js/config/ Frame 6A3C 		108 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
50f1e9fb7e043b6cea564efa5f71a24218e8c3ffce1a33587007eafa8613661a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:45:48 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
270
x-cache
Hit from cloudfront
content-length
108
last-modified
Tue, 09 May 2023 19:15:04 GMT
server
nginx/1.15.2
etag
"645a9bb8-6c"
vary
Accept-Encoding, Origin
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
-XdWfi_tAkTU2pV1UCq_v4bYpMT2ySphxWe_F9-z7evnKRzskp4rXg==
expires
Wed, 10 May 2023 11:45:48 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		127 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2986772069633825&correlator=4262775849009940&eid=31072878%2C31074454%2C44782498&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&adks=81851380%2C827794272%2C3242553145%2C3271617715&sfv=1-0-40&cust_params=url%3D%252Fo0kM9q%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1683708618760&lmt=1683708618&dlt=1683708617393&idt=1327&adxs=245%2C245%2C625%2C245&adys=511%2C108%2C108%2C364&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=20&vis=1&psz=1140x90%7C380x256%7C380x256%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1234105094.1683708618&ga_sid=1683708619&ga_hid=1607042825&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3c61752fc7f71168a77f9e8b07724d982bbd5db22a9fe0857138b7a490f4aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26942
x-xss-protection
0
google-lineitem-id
-1,6297987529,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138432380646,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2986772069633825&correlator=4262775849009940&eid=31072878%2C31074454%2C44782498&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&adks=3261691140&sfv=1-0-40&cust_params=url%3D%252Fo0kM9q%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1683708618774&lmt=1683708618&dlt=1683708617393&idt=1327&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=20&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1234105094.1683708618&ga_sid=1683708619&ga_hid=1607042825&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3686dd034b95dee98b08d0dc82b0250a8c852142a11f5b21bb67599aac220c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10573
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:18 GMT
expires
Thu, 09 May 2024 08:50:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1234105094.1683708618&jid=944284571&_u=IADAAEAAAAAAACAAI~&z=49519458
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-102456694-1&cid=1234105094.1683708618&jid=944284571&_u=IADAAEAAAAAAACAAI~&z=49519458
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame A0DD 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.json
ad.holmesmind.com/adserver/ Frame A0DD 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1683708618602&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame A0DD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.2903993997924461
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
032ac2738c9a3466cfeafb0692fbc1f83aab781d04602588c270f0d8a5a4f49b

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Wed, 10 May 2023 08:50:18 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
cdb
bidder.criteo.com/ Frame A0DD 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=39811803736
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
header
hb.aralego.com/ Frame A0DD 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=f885f6a6-f353-427e-bf1f-826b40f413d8&u=https%3A%2F%2Freurl.cc%2Fo0kM9q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=0c73e779-8498-4002-b3f2-bd8391e60e7d&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:18 GMT
access-control-allow-credentials
true
connection
close
prebid.json
ad.holmesmind.com/adserver/ Frame 6A3C 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1683708618616&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6A3C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 6A3C 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=54536558852
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
header
hb.aralego.com/ Frame 6A3C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=f885f6a6-f353-427e-bf1f-826b40f413d8&u=https%3A%2F%2Freurl.cc%2Fo0kM9q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=52230688-8b28-48c5-9e69-45a390182914&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 10 May 2023 08:50:19 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame 6A3C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7517659934677858
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
2f14a0de8294143517f64c5df008140880202baed6e5fee89f7e50b528f92b68

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Wed, 10 May 2023 08:50:18 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 1C1D 		573 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
zZMJrl97IK93nu2XkSwBBU8SPXZa+Qa5covv/N29ZvhfDmJgSCoSq4u2E1YtJkcZMhB9AZBYAaz4MkYDazwa8A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 May 2024 03:19:54 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 1C1D 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame 1C1D 		907 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/uj3zh_ISVZm.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51646fc33f9da007610a2064f0668034b80e3b7c25dbdd74f1d5c5da5ee55a96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ZFJvwWXVSFPMxRIa1AjKSN
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
cB3tcnHIKyqLQP8KODlNY2V+XWfW9s5x5/cx0kvsKsk/4lZlMOXQl8SUoZyu1M0C4d/o96teK8eL5059r/nPfA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 1C1D 		907 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yU/l/de_DE/uj3zh_ISVZm.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0f15e25c33e40deccdfea8bcb423ba48b4bee5825ce90f463f35800f2200101
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
ZFJvwWXVSFPMxRIa1AjKSN
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
198387
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 10 May 2023 08:50:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
pgsUB+xB3oNQLDzNv4C7paadv7PPDzET6vIY+mEuaF6KtYIQgc7mkuFqovay7CAAdOJcnKnq5pqb031SYAK+5Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 1C1D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-rlafr
0
x-fb-debug
McXdAga4K1FUU140D3w8/ULw8pLEHvHzRfM0N5BgRkxHcEgt2xSFteXBKTNmrdYKVdCub9Ez1vDhJLf4mXN5+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 07 May 2024 23:49:58 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 1C1D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/B30YN55-3KR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-rlafr
0
x-fb-debug
hH7L7KdpVe59z6N4UqturRSj25kbSj3JxZ4XYOvxJsZGwPyvkfJl9i4YAUQWGdV4REtw8OVjjEsrCZT8gI4i1Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 May 2024 01:15:55 GMT
VXqFzYiAEfe.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 1C1D 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/VXqFzYiAEfe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48d6839e3e3304dff530f2cb7e70764108aa6db49f20c5c7cec01e8fda7dd6c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JjbNLAUXW5+Pd2hidsozng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3843
x-fb-rlafr
0
x-fb-debug
ili5vNOT9DTDMrDzq1GBheSmnvWFhUr91X2KJqG/thm8a5W9qV5kL/kx0N2NUwKKFFQYK3xCDItG2qdjvHWHWQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Mon, 06 May 2024 16:26:37 GMT
kfum9CaiBLN.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame 1C1D 		335 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/kfum9CaiBLN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c363d8d02bbcf937db6da67eb083cb6bbbd416255901f974b2c5d59c0e6e1eeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kIyFR0uw2Apmc64G7ccJ1Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74074
x-fb-rlafr
0
x-fb-debug
IXLlEWtgahmEskqnQJ/VgR+O31f6mLHyMlON2A25JsbhTnD4BNuiiwrYDOWeQpGj6BSUtbu+ubKFdxDzk1JJSg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 04 May 2024 04:56:39 GMT
BqEjD1dj1pL.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 1C1D 		840 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uknKQ5sJ+8vBWLiIBWWBIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
356
x-fb-rlafr
0
x-fb-debug
Yq0DjuhdQRM9X4ZkQfxJoFQqunM/k8c4Ro3PRCGmtOhFmQ61sc01ih4XMvqecEJdy0oCsI1LBCw5f7Ej9uTdUg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Wed, 08 May 2024 18:59:49 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1C1D 		198 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-rlafr
0
x-fb-debug
jEJG8p6t6w6HbXD6O3EvFuu80r3HIPovUwJ7TdPNZL/GQ++WRbzyMMa+EWPC3cqPLOyhwuWpg1X5ZycPHB43gg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Tue, 07 May 2024 15:51:50 GMT
/
www.facebook.com/login/ Frame 1C1D 		0
0
/
www.facebook.com/login/ Frame 1C1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/0QRa9Kk4Ubi.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 May 2023 08:50:19 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4mrABfM67LRIVOAaojLnwHB5/aCfWgSinf8+vSA7Htjqj+FSRCp7SJAZCV3l5njxV/j2IX9MOX/St1gJnTEHxg==
x-frame-options
DENY
x-xss-protection
0
111.jpg
mma.prnasia.com/media2/2073701/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2073701/111.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fd04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e959f828018ed0f6df736ef5c5147b20c58ecf9bf998d92eec52db498604a03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
cf-cache-status
MISS
x-powered-by
ASP.NET
server-timing
intid;desc=2629250990fa115d
content-length
37285
last-modified
Wed, 10 May 2023 08:47:51 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
7c50ef153f6518b7-FRA
access-control-allow-headers
Content-Type
expires
Wed, 10 May 2023 08:47:52 GMT
1683355371-86a0c015a6694004620b20a4fc4835cc-840x525.jpg
img.gbyhn.com.tw/2022/05/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/05/1683355371-86a0c015a6694004620b20a4fc4835cc-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b390cf9c148f7e972f84f636f87848422051b694d25b4fa0f3c5c09e09b95a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99503
last-modified
Sat, 06 May 2023 06:42:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCiyAdhVKM5ffO1R6EenIKUCKllYk8MGeI7%2FZhfCsJmWQkRqF6C78ul8zRlp%2BZjSjdx04p2coHN3j0jSEKYvUTt9CpKjm%2F1O089%2FnmPQAhu5%2By%2FohfyBHipJobb0EHOlAznwsJVVQYTrBap0nobT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7c50ef152c472c3d-FRA
expires
Sat, 13 May 2023 06:43:53 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
%E5%AF%8C%E9%82%A6-Costco-%E8%81%AF%E5%90%8D%E5%8D%A1%E4%BB%8B%E7%B4%B9-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/02/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/02/%E5%AF%8C%E9%82%A6-Costco-%E8%81%AF%E5%90%8D%E5%8D%A1%E4%BB%8B%E7%B4%B9-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c6b59ebd31ff100d883cffbd16b2ee8a0ab2263c3e2372f2a5a8dcbc824f9a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.hhn _atomic_ams BYPASS
content-length
65406
x-nc
HIT bur 7
last-modified
Mon, 06 Feb 2023 06:48:21 GMT
server
nginx
etag
"7bf5a762fad6e99c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Wed, 05 Feb 2025 18:48:21 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
strict-transport-security
max-age=31536000
x-ac
2.hhn _atomic_ams BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Wed, 17 May 2023 08:50:19 GMT
ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.149.120.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.120.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Wed, 10 May 2023 08:50:19 GMT
expires
Wed, 08 May 2024 09:24:25 GMT
last-modified
Thu, 30 Mar 2023 16:44:53 GMT
server
nginx
etag
"6425bc85-7a08"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31240
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		331 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_ba3a5eb8e092499c974acd5b3e418350~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:52:36 GMT
via
1.1 google
server
openresty/1.21.4.1
age
1756663
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338711
wix-tracer
2OfW8QkBMnUPk3IAs0V2krc3XQG
x-seen-by
image-manipulator-54fd5c7947-mnr6n
1672766450-7-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/01/ 		487 KB
488 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 10 May 2023 08:50:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Jan 2023 09:08:26 GMT
server
nginx
etag
"42053212710e4c28"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/01/1672766450-7-scaled.jpg>; rel="canonical"
content-length
498450
expires
Wed, 08 Jan 2025 21:08:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvLKREuNAXIxFjxfe9ESVinHAjoDzjwJgPiS85aYOutlaL8F2z-sflp3hqln3Iph9ssWuUexvLC9rolj3S0OauPXDxSSrkR3PSLaryVq_umXqWDJSSBzYPp2IIHsDLsDemZ6aYLGF_0f7wy5kGOYNThKswBO-KOy34I06YRadnq8YlMvACu7Y_r6L37_oH_pnwVQQeNjdCm6jyHnz8ysFzTwgFrZ1jJEFoTnWyk7C3DzcgHC90fDPgLlPwFM_dten5wWuIpAGdLuUz0MY2JBUTEbFDjQK5bOG_rfQyBFRon4QDtMtYSRs9fwynDNsJlUAZxva7WcQ5sIwAUvw50zP3rdo&sai=AMfl-YQ73ePqXQRowvqImIDTg6qAeILkWgjckEpYe5qL9eKxOa-3t9BGRdncEbN0lCloLT7WfSn1v19oUHjdGip6RxJCgqxIy6r3Cn7im34XawmHLF31sxtSBXDvQ2P7j3JsjJQvqNHEqnbJW_7abVfo&sig=Cg0ArKJSzO1l5R99f01HEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:19 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame B3D6 		535 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:34:50 GMT
via
1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1736130
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
NwDIN1x_a_HUsTFZJl9pXbauA3ww1fIdMlMLHZygU6dJ73TGC3FE5Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3D6 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:19 GMT
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-50.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:34:50 GMT
via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1736130
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
5UwbEgEdomFd06Cpw1pFQaOKc2ui5GrP-CpRI7lyQJQ5AG2V9slAyQ==
truncated
/ Frame B3D6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3414ea2767bf065a677b13f162601b28219f5c99040d26bb12a5717af67bdf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B3D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucB9F48QwFOpk2Ll6dbPTB0eEDgLB16v6Xv5HYC4TsJ91KCdF8pnnG-fyPFuctx_2mP8PlLL-f3EZK4pVjR9XhufUkoYfNt6WiQ_qJx2mhbCAESNu_y2SNR6eQ-giUq7kWlDowR7c-a_LzViFshCgKNsIqXjN-CtUNhxwG4CPblb80pDauV1uldXNDgUZyaqO4WC3y4FgUCWEbUDoQDiW7T76x4ufoCp4OwmAHqJiTWETbZ9cpRq6c7TAyte7hAuCrrFffkNfobZAnvagqLV6gHYZQQ_Uzg7xxeYZi6ocynkzKtRmb6wX4cK_5jhmd2RHcpXf2S4AxaiqqAajhLVhNW820pQ&sai=AMfl-YRCRPdgrqZ1vNX3D1RGgEechP-W_DrXsHFzqSci0ZY8idnJp5apdKVSJdOQnodKGUdd7HalK6e-yOEBWBWRPb9I-29kppaCqmw9IZvZshv-Xt35Ye4mwgXATNEq-3cptmxWXPkmLGiDM5CcjjGb&sig=Cg0ArKJSzEeDtBCoSYKsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:19 GMT
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=5217.210122976854&pid=5434&url=https%3A%2F%2Freurl.cc%2Fo0kM9q
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-89.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
19b5717520dca15d78eab5b157ebc21a9c4fa01fcaf81de1fc47368691be4743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:19 GMT
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
dyBLRsvEkYQCYpvmSkZSwUvPzwxrlgNTs8di0jRGmEF5nV911O35Gw==
float.js
s.trvdp.com/scripts/v5.802/ 		466 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.802/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:43:27 GMT
content-encoding
gzip
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 13:09:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1699613
etag
W/"bc1129a1d65d16ce761ff5637cdc8f53"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
gQW-SdgGSh79zKSG7EagFLQaynzRmq_Rw9c2jRr5c9jddPUrQG25lQ==
cors
rt.ad-score.com/score/ 		52 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=DE&l4=desktop&l5=5.802&cb=0.9471296740746551
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 08:50:19 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
/
t.ssp.hinet.net/ 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
ce8384b626fbf122bbea4c0a4b10efac44a5dc37747bfa1dabb1902b3421d377
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
rec.js
img.scupio.com/js/ Frame 6EC2
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 08:47:14 GMT
last-modified
Tue, 27 Dec 2022 03:54:11 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
186
etag
W/"63aa6c63-54dc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
pFk5WgI2OsUQCaYN4IKgFe9A_Dk2RbEshlYnTu2jXuM7UCSIjld5UQ==
expires
Wed, 10 May 2023 11:47:14 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Wed, 10 May 2023 08:50:20 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 6A3C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.6820377467559564
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fa3dbcafc6697c7220329a5fbf7769030b593bb42f70edc4ef844cc0edfa688d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1474
truncated
/ Frame 6A3C 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
rec.js
img.scupio.com/js/ Frame 239B
Redirect Chain
  • https://rec.scupio.com/recweb/js/rec.js
  • https://img.scupio.com/js/rec.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/rec.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 08:47:14 GMT
last-modified
Tue, 27 Dec 2022 03:54:11 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
186
etag
W/"63aa6c63-54dc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
B8qqxFsMRqxxdXgV8BEnradjbgvOg5sUnL2Iu4mioHZy6b5q05j3tg==
expires
Wed, 10 May 2023 11:47:14 GMT

Redirect headers

Location
https://img.scupio.com/js/rec.js
Date
Wed, 10 May 2023 08:50:20 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
155
Content-Type
text/html; charset=UTF-8
bidinfo.aspx
bw.scupio.com/adpinline/ Frame A0DD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7124535486107411
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.97 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-97.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
da4dbce9f2433beef02f55a779004ac1f1bc8ed34d2557707fe77c7f6f6f64f7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1476
truncated
/ Frame A0DD 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame B3D6 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3UyomV_hi7POHGe9BYHaM2Lii4gyaMer0aIlfL58YCGkvx6-v89tr96QMeLlLX4aIILn8ulG9xmCG-PvRJ3kIEaCUiGLrY5DXJ2v2bkD02kwwDTpI&sig=Cg0ArKJSzCtv0qLLj8Z8EAE&id=lidar2&mcvt=1000&p=1181,1599,1182,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230508&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683708619056&rpt=201&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A0DD 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:20 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 6A3C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:20 GMT
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/pixel?bd=a917f705-b084-40be-a0db-967899e73ffa&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
syncframe
gum.criteo.com/ Frame 0043 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:19 GMT
server
Kestrel
server-processing-duration-in-ticks
427112
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A0DD 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:20 GMT
syncframe
gum.criteo.com/ Frame 0725 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:19 GMT
server
Kestrel
server-processing-duration-in-ticks
489723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 6A3C 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:20 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 53BB 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 53BB 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 53BB 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 53BB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 53BB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
css
fonts.googleapis.com/ Frame 53BB 		4 KB
908 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:31:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:20 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 53BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 08:58:43 GMT
x-content-type-options
nosniff
server
cafe
age
85897
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 10 May 2023 08:58:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 53BB 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
69310
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 10 May 2023 13:35:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 53BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-VZGylpbZOKgMtOX7_UPpoeNqALhxfjObvzPnuuqC-_V8I7pIBABINLMgRpglfqXgqwHoAHIsanNA8gBCeACAKgDAcgDCqoE7AFP0CCjPxgMF0PGM0-qgXI3jacVeOqOp4eyTTrlqqR6PuliJSL5BMJNaqihkKGlQMI1itqtC_73lOnYtoS4tE4bPowUqnmnKRoxBHmmFTU_1Kt8fv4iiA7r4xNagUtHYeuXleOsSEh8dVPQuSxQDxnPKQsiT3vjT3cqfgt1DTb3tIMvlOZ2pz7VLFM9W6gPBcnI-UH212KXrBeWELc24KJY3WfGpLodCUT5HByUCjsiv-YfQWzviZzzb2o2Y-TOfHsHTcjUHUS0npM9uZQpS3_W0izKtFK9gq8NNpXMSY-xbgqsLMgNGxI5VNWn4MAEnt3huOoB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDmtQ3SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBuBPkA9gTDIgUDdAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=Y_YITmWxZsg&uach_m=[UACH]&cid=CAQSSwBygQiD2ehiYFCCwZYR_ZI7JhbQOP_R7rMjePljIF4DyS_CTRGFtPOywSc7gqRQdw-9EjUOjGtaVahQrSe33zEne-eMoc32PaEaahgB&template_id=484
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame C3F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkTLHVGYSXo5_te3-L_7quhgtj0KHOxt7v4yrskgVFicQX1CMlDAa-2pHTvnJEk7HtKV7k5Z7tu2RmAo5fNoXlgH5eVOFxMVyX9RxUsf0dOC0m-Uhf4sd88OZdJi2EyOGOdofour6-_W6qoeVEPLL2f5ocV41dzGXJSzg8QTMlfPstzadyOAjL-gK2Cvjl_KURjKcM0aylG0llyxmRhuwg7wIlhVriObTtQ2KZ4VN3AdXH8hIbWsa9drP3MWCaUM5Ck9Ph828SUMqq-w7gz9WU6m4Jdhdcjk2yALleHfHjskLF-oK__CBlCCh8srFlUCkGGuqNGWabiYxof-cSTU4dVAc9TXh6&sai=AMfl-YS1qZ0GHKe_xCIlCYaPjIUrnh2P_fwJlpTdnvntReN7fQMcXCDimob6g7fE8dHxF2k7V_Xm-e-w_yaTtD1TO9FVlxV6ByHLuDYJJBtNWkJKvrlAmEzEahnZLGkAbINKnPkU9D3ZDXMxUcKd-U0&sig=Cg0ArKJSzH4VScnM6HnKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame C3F7 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:49:25 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
56
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
KagTVFs_RKLU7uJFNw-k-3azNupQ9W-fJ1SpVz6pWGdgha_Rni1SqQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3F7 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:20 GMT
truncated
/ Frame C3F7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ab6b09ba601f19aa8b8a7902e4252158e7c938c3f09163079e026600c87128

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4D14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_RLdWOnw_r09rRIuWLzoWFCpkqM_H9NugtcuaGaYjzHT4QV2eZmXUMu78OphXpESGXYfZWk6g0NJ84fF40phEZLehvD6WJRz7nHoONJQQdZLRknZtOOBWLW8iz2PcRkn6vuujUDwKCOcOjaoRjdi7dIw4riV4rUNsC896PtotSy_pL0PN755Kvfu08FWqEETJJtPAbsToP8vJkI4K2hozq5U6k45jAdntRvGYnvQJ6viDPfOL5vgHK4lryWCmvEPISNVEf9ZdXerBo3SCjKOOEFDNVxUgwNgiiySXyTGm2Wj8q0kF5fQyfMhSD6O2Mhms0ToxIYRjf43zdkO9XuuxE86hFmq8&sai=AMfl-YT42JWbVG08OYDkdEmi8QHr8oJujHQpIxTd4jC5bJQ22OXibeIoPJ6WDxHxZXx5wJ3xdIQjHITX8ViEg7eYkuuPicMD5umnOhB3eOc_Izf2bLIDKZ3QMKjurLBdEgEWecjGopdrx5OLLf1nm00&sig=Cg0ArKJSzExvYXhsL4CwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 4D14 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:49:25 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
56
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
LMpMahZ3gKsm_FCWBPQpoB3U63OnWbhQ-jv1WjUZ_Vd3q5moJ0wEoA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D14 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:20 GMT
truncated
/ Frame 4D14 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa205af677ac592a53862b9c2326e6d4c9710039f646487dd54c354e2f98952c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 537F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZSLHM8k0FQBFhtY3qVC9f3K717A3eL5ZL0Av2XMxwPBMi5ku5vjTtOvrN1SLQAeXXzbTIXS6DFQg5iq_djwGtFiOAOC9ld1FSt-V1ampIqYnRZHWeT18xWFJX3oVJfl793Ljk1F10Mk_o7ri4SiPz_gkHivYG5jNUmj9-m67qnrDp1OQzshgK25cfLkc_YGWf3hHTcYReMFjjJD1cyRVjqq78U9qZAu4ibwYaOHff_21SIYyufq1oGSGEfP5QYBQzax8j_C0yYnnJVZeJmV1nKO_ddyHXjLlbDdfbmqbYtEI7EH7MQLArHjYkpq3TND5SDbfMCZ46YoswXoq9ZR_ncBqggT2q&sai=AMfl-YTVGt0AxOx04DJ_ezgK-h-T_d1rsLi836y-quc_OSnpPX1NT0LhVOGoDs5IHRNWrKeEVwOsJUVywYxwZc56QtsI62md1VR0R8yPcpht1kYNwNF7bXmC-Rw5RJID9aBBj2DJ41uOxC0K7GbMaA4&sig=Cg0ArKJSzHI-Lfp1AexMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 537F 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:49:25 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
56
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
KfODTFvhbXehK4JiaeaC_s4ciV4XAifHQm1C_RJxn1lZ7_IsUPv8wA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 537F 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js?cb=31074454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:20 GMT
truncated
/ Frame 537F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4970577cf117b038931112e0e6b702395dc14b5bec9d93729fde89d17667e97d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 53BB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=195&h=102
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
626ca6a5c8ffad1c09b52f1e27959674cbe23c9cf526e180e5115558c9b5e2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:07:38 GMT
x-content-type-options
nosniff
age
178962
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3951
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 15:56:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 May 2024 07:07:38 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14300888837360146752/ Frame 53BB 		1000 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14300888837360146752/14763004658117789537?w=100&h=100
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0c3b85d2174280ee750bcd7e490a38b68338a14daad6bedada0d42e03461c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Mon, 08 May 2023 07:00:19 GMT
x-content-type-options
nosniff
age
179401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1000
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 15:36:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 May 2024 07:00:19 GMT
truncated
/ Frame 53BB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c52f9af250bad11669abb45bbceb8087afd5d74b900f141ab275d0e2a68b4f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53BB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 17:04:15 GMT
x-content-type-options
nosniff
age
315965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 17:04:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 53BB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Fri, 05 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
456243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 02:06:17 GMT
sid
mug.criteo.com/ Frame 0043
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=l9K__HxxZ1Z6dW5tOWRLRFRnUXJCZ0tJTlBURnhaV1hLVlJaRkhqSXpYVDBxeWlWaGJuNHJ6SGdjTTRmeDJucFB6R2lvdVZOTmxpYW15NG54RkRjYk1vT2NGSUIxb3RnM05IRDZ3RjdUczBIZFhyeFlyb1IvUXV2RThTOW...
422 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=l9K__HxxZ1Z6dW5tOWRLRFRnUXJCZ0tJTlBURnhaV1hLVlJaRkhqSXpYVDBxeWlWaGJuNHJ6SGdjTTRmeDJucFB6R2lvdVZOTmxpYW15NG54RkRjYk1vT2NGSUIxb3RnM05IRDZ3RjdUczBIZFhyeFlyb1IvUXV2RThTOWNVUExURDBodGpHcVNmNU51b2hYalo2YzhxemVheXdFMndwQTIyRFBtTEZRWDhCY2ZpR1lodVByQ0VGMTlPUmNpSGFuZWhJTmdESkhBV2pvblQzZHRoTFhyc05VbW05ejBiazU4VkpnTlZPQy9Id2hDODdoKytBSXg3K05KM0lVaTZMVzVKYVNwVk04Yi8xOU9YR3NNTjVkZkJqZDZFUFQzb3dtS3NNZHZnU3lUUG9sMzg5RT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1ae126c4d0b642d6408e2fe2987ae44530739be7afd592de717330826359dd05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1167977
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=l9K__HxxZ1Z6dW5tOWRLRFRnUXJCZ0tJTlBURnhaV1hLVlJaRkhqSXpYVDBxeWlWaGJuNHJ6SGdjTTRmeDJucFB6R2lvdVZOTmxpYW15NG54RkRjYk1vT2NGSUIxb3RnM05IRDZ3RjdUczBIZFhyeFlyb1IvUXV2RThTOWNVUExURDBodGpHcVNmNU51b2hYalo2YzhxemVheXdFMndwQTIyRFBtTEZRWDhCY2ZpR1lodVByQ0VGMTlPUmNpSGFuZWhJTmdESkhBV2pvblQzZHRoTFhyc05VbW05ejBiazU4VkpnTlZPQy9Id2hDODdoKytBSXg3K05KM0lVaTZMVzVKYVNwVk04Yi8xOU9YR3NNTjVkZkJqZDZFUFQzb3dtS3NNZHZnU3lUUG9sMzg5RT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
353525
content-length
0
expires
0
sid
mug.criteo.com/ Frame 0725
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=grPvMXxCK2lUMnBVd1g4YXdSMldVcG9Ld1E3Z2JKN2hpdEVIZHF1YlVrOE1iN1l2cXlvUTI5Mm5LbjJ2bHlFNHhmRkxLRW9WZS9ReTdQODRTNjc4QkJJZTh1SFpac1U3Z3F2YUhhNndOY2lDMHpvcFEzYnpIT1JwOG84OG...
447 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=grPvMXxCK2lUMnBVd1g4YXdSMldVcG9Ld1E3Z2JKN2hpdEVIZHF1YlVrOE1iN1l2cXlvUTI5Mm5LbjJ2bHlFNHhmRkxLRW9WZS9ReTdQODRTNjc4QkJJZTh1SFpac1U3Z3F2YUhhNndOY2lDMHpvcFEzYnpIT1JwOG84OGZzSXBJUFdBN0xEd1dmQUQ0Q2RXcDRRTWVybVYvNVQzSXVubmdzU1hvRmpqMEszVThRLzBrVnVMT3hZRzd2UjE0VHBraFhxLzFCMDRvMVMxTlpnZTJVRWU5VTdmbUl1MFlYeWxJRWIzMngvNkpIWTVHTDhsRUM4ZXhtQTJZWGZLeTBuUGZ2cnFCbXlOeDB4N0d5RGhVQUl1c3lFZVRUS010dTJsTy9YS3BEN3pEZUswRW0ybz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25d4af745432f8e083a866ab91fdea004f4fa647c62720c5a9ccad702d5b297c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1113249
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=grPvMXxCK2lUMnBVd1g4YXdSMldVcG9Ld1E3Z2JKN2hpdEVIZHF1YlVrOE1iN1l2cXlvUTI5Mm5LbjJ2bHlFNHhmRkxLRW9WZS9ReTdQODRTNjc4QkJJZTh1SFpac1U3Z3F2YUhhNndOY2lDMHpvcFEzYnpIT1JwOG84OGZzSXBJUFdBN0xEd1dmQUQ0Q2RXcDRRTWVybVYvNVQzSXVubmdzU1hvRmpqMEszVThRLzBrVnVMT3hZRzd2UjE0VHBraFhxLzFCMDRvMVMxTlpnZTJVRWU5VTdmbUl1MFlYeWxJRWIzMngvNkpIWTVHTDhsRUM4ZXhtQTJZWGZLeTBuUGZ2cnFCbXlOeDB4N0d5RGhVQUl1c3lFZVRUS010dTJsTy9YS3BEN3pEZUswRW0ybz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
336831
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4D14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFBWnVSCEGYY0Pw0vWtEhvSC6Z3yi5i4eEVRILgSu7UetUMUEhAVp9spXkt0AUWpafdiJgGXGN8U2x63LI-MKVQBmMBzPlV42C4bVUeEuaP1BsKfbUwzxiOTu2BIoJlMBMr3f7Lm0_0aFAWS9r6lp98TM-g_51Xxp2sWf_DGVLy8wWaMsEdNLv9Gu_3fCtQe2EEshUEM1LiZx32hk19l-C7LhfhD7vz--40_KhgcTevxGNc6qkyFitiX3apAGz9XiL9cna-A-x1w-Mc2BdW24E32iNg6lR3tX5GEVc_YLE1lllfVUqN7fl0F_AFXXK59gbm5C57Wq1JhtmWXQbT30rgYdPoRvdbtM&sai=AMfl-YQnBe-hEQeJXjJcsNt379wwycCXehTNtyinDzwALVuszScK-TKgOK7vBGk4-lmReNCFeHzToKuRfq9StfxdfX80e1CrYCaoYNlAaauBGJtTQ0zyvLubMpFBoWzai755hr8BHb0JoSBGb4TwJgo&sig=Cg0ArKJSzCK4TBlKtkY5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C3F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSCPWv0j95jNZroD-XVJpScNuAubTYhaYzIMF4XAgGgy-kf3CswOsOBuLYPeGuht686dLQpzGrOtaj1-utIywBMADWBXM7zEv8kOyU_ElQ_oMseM8q7e0Wd3ZSCAKOwRV-6CtLzf_9yF3N2pmRt9V5PB2zVLVJUPhd2rRDZzupi4-_1EaGP-eKFjb8WOaJ-DpRpqawepzztdEav6mfutRHg3tIokKq3jO2m771eal6P3WRLx9INCDpUW-zL0KbjiUfWT4Z25eJ-UGizf7Ekxn_SSxvq-FErgdXbtMkllVs26k3gDxEoFBWyHhjYKUOoI4cz6R1aD6HLxBixDsI0j77DX_FfKVI9rQ&sai=AMfl-YRI0rncu7muN74qXRGCpNAr1HOpFPaQgfXlwesCh-SPYVN8CEWj5D5_ENo9iyHEYdwd5gwqpQt0MNeVR2k-K7-2HYAVf0a4QFonx_bZGdz8JaZUWHwIh4yYSaZYSc_5nbS_x2dCb362YSGSJGk&sig=Cg0ArKJSzIWxBtHyF1veEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 537F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqMPbrnyxEzhrO6YUyhKQbyb1-FcF_waRFL98lOTjaVYpqTbdRDJbgpl_yCLjgdBdxvhnJyds6Ic1Gp_vjG2fjHJrFOPUh5ngYgNOvLn4_Kxe2z82DNADMQzatAh3KOp_vobAGYrsh8q8vnXlXWmGIPWzYSCgltva2Ge8kkeKVW7zKMspivpNPIIz19Z4NPu5_wfFHHo7bjVdiGihdzgvtPnqZH0n4xk8sxyerlx-ChlK_kPXDUBrRdrW4HeJsnROUc1xYYgD3RUR_QoidiDzYpq2JOonmxwUQ7ZfbHjk1JNsTfDg-Pe0c4INXHJpCr3L9slrnH-w6kDuubA7TTAkUwNcjb20osmk&sai=AMfl-YR4X_be3L3-WNQd1_6JCNNFeWWxsuaxQyqVJjlEIyEZjFtqc7yQRElX-76v9Yiry5xJ_jKpWcKmwnWDiGzp5FC0Qfcz8Zmgdb6NSaPgYx7edJubb7a8MRfZ7CApk8fu-RzfRoHRHfxfjW3Cdbc&sig=Cg0ArKJSzKmgNUTfJV5BEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:20 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 53BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 08:58:43 GMT
x-content-type-options
nosniff
server
cafe
age
85897
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 10 May 2023 08:58:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 53BB 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
69310
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 10 May 2023 13:35:10 GMT
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame C3F7 		51 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13856&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.3.36 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame D8A0 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55
content-length
7381
content-type
text/html
date
Wed, 10 May 2023 08:49:26 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Wed, 10 May 2023 07:01:07 GMT
server
AmazonS3
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
x-amz-cf-id
4u9zqgzpNOkLACqkYtHEVCgu_k_wy-6HrdY7tToZcW8ewDegW8A7bA==
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
HXPbK6ZTC0ohJrHB2mH8ElwnG9w_HBxK
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame C3F7 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
SMVwftsa.JeDPSic4.4eIPk08t9H3JlQ
date
Wed, 10 May 2023 08:49:26 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
55
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
5p4gPIDhv2wqaRhEeSNtMMXrhOeHdpGcAQrCktJcnxekA5NGp4xPUA==
presetfn.js
cdn.holmesmind.com/js/ Frame 044A 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
8
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
1rIMKthPIJJ1L6Do6a6brH7nJQbxI_x2vQCkDc1lg9fCTk_SBaPJrg==
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame 4D14 		51 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=14210&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.3.36 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9e1de442462626bb4aca6238038502b12d2a55b007d35fa49cef6eaa5698e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame 8251 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55
content-length
7381
content-type
text/html
date
Wed, 10 May 2023 08:49:26 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Wed, 10 May 2023 07:01:07 GMT
server
AmazonS3
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
x-amz-cf-id
t2OcUehPC5urf1nrHNk3zYJ59VRn_nvk0DFQcEFyFHfSTr2HVf911w==
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
HXPbK6ZTC0ohJrHB2mH8ElwnG9w_HBxK
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 4D14 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
SMVwftsa.JeDPSic4.4eIPk08t9H3JlQ
date
Wed, 10 May 2023 08:49:26 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
55
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
iGoY4ak9pG7RKmhIWmkut-u7EH_IefrFOi3XkLjpXzOVUq7o7QouPA==
presetfn.js
cdn.holmesmind.com/js/ Frame 61DC 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
8
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
qOb2f5sanNG3-1Qgs_PoRn-1U0O1t6a8_fgPGTukKeiWmhj6aYQQXw==
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame 537F 		51 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=14209&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.3.36 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce6009784549f23bc40aad1f3d36249eaea5ec40bda20b7d6fde9d991ec5d3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame B4D2 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55
content-length
7381
content-type
text/html
date
Wed, 10 May 2023 08:49:26 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Wed, 10 May 2023 07:01:07 GMT
server
AmazonS3
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
x-amz-cf-id
CkMSdklnUNF4wyyOD3JiY99c_xt8tW-vKiL2t6CukcJj7dKeydvb1A==
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
HXPbK6ZTC0ohJrHB2mH8ElwnG9w_HBxK
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 537F 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
SMVwftsa.JeDPSic4.4eIPk08t9H3JlQ
date
Wed, 10 May 2023 08:49:26 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
55
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
38GxnKgDBwBYAWBPf_WmNdVh4Guk1hISZ_vm5eEdfmjKeJvZUb74vw==
presetfn.js
cdn.holmesmind.com/js/ Frame 9159 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
8
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
Y5Vi5MB9bivtCss4EzQ_9_f3g0SP0CCH7M38GpdCkG-z5r-FmmOvzA==
fp
cm-dev-poc.holmesmind.com/ Frame A985 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:21 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 5A1A 		0
0
utag.js
t.ssp.hinet.net/ Frame D8A0 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
cm
c.holmesmind.com/ Frame D8A0
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame D8A0 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 8251
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 8251 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 3A85 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:21 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 7100 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:21 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 8251 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
cm
c.holmesmind.com/ Frame B4D2
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame B4D2 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame EC69 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:21 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame DE9C 		0
0
utag.js
t.ssp.hinet.net/ Frame B4D2 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
ls.html
img.scupio.com/html/ Frame B9FA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
519
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 08:41:40 GMT
etag
W/"583295c9-4dc"
expires
Wed, 17 May 2023 08:41:40 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.15.2
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
cB84EIn2MYbT5uPb_smluUlQzzUKDUvFd-OplNBif8ZM0tg6qbLJAA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame EB86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1JBMjAyMzA1MTAxNjUwMjA5NjA5MTI%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Date
Wed, 10 May 2023 08:50:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2FDD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 May 2023 08:50:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 10 May 2023 08:50:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame EB86 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1683708620982&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 May 2023 08:50:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
generic
match.adsrvr.org/track/cmf/ Frame EB86
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CRA20230510165020960912
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4c7d0136-7929-37c4-be3e-ec2f37f0e7d9?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-mxRSMOdE2oXlIvU7R9yQLw5vkNGbYXRG8XHuwZY-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Wed, 10 May 2023 08:50:21 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 044A 		634 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:51 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
210
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
29M9dxWBcLyVv1vxCR2_66yIiZMLdiy4sWW8kCqEbKaYWyUrXwU_XQ==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 61DC 		1 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d2fcc495189430b96578537046dc018a8f35ce50167af818560d1b032c4b201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:51 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
210
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
mfg60HsG5tj2dLU8ikdhRfCPF_hZRDCUh-W7xQlntWcueWmgilvFqw==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 9159 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:51 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
210
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
PFFvkZp0dJ-q_HcMiKX8OxpBv5gPmlNaAiowcn4h0OhsJKQbO9_3QA==
ads.js
ad.holmesmind.com/adserver/ Frame 044A 		2 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=446&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
29bcdf32386c24501a2c009a965eb49b179eb5b3d3271d00d110bdf326e68c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ads.js
ad.holmesmind.com/adserver/ Frame 9159 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=499&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f5878af3044dd9236fc495c79b3e6b363d09c569bf128d5ed851bcffba1336fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9159 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Q4iAtty.78dI5lavIxW3NeoATIy.Z4Gr
date
Wed, 10 May 2023 08:49:57 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:49 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
34
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
4bvSoV3AzdBoqH0YUa-UcIKENBgFusgcZjxN6sow4N1oETUShQ4f9A==
ads.js
ad.holmesmind.com/adserver/ Frame 61DC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=478&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a0b22701a98fe4d430b23700f66c6f11a7f2b6befb7d44b6b3fd0f34ebbc3251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 61DC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
nsID8w9LNvYQ3ezqQphaLDJ_3WDD30aU
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:08 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
53
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
-mSCmADSPBbR_RGZuEnHqtdHBOUTdvXb4Gq02jh2BTLM0QBhDqTvCw==
publishertag.js
static.criteo.net/js/ld/ Frame 61DC 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:21 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 61DC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
OQ2kIhAZeXWLYx9SXeEEYEdcIwFfZafG
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:22 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
34
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
_jhVvHi3lZ2AUk6g9rJz9q0MvUF-7GqRCIHRWEWyNrknwCN2k13Erw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 61DC 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
mIeWQI3nqLjG_i5OvvyTj9c7ts54AdBo
date
Wed, 10 May 2023 08:49:59 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:05 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
23
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
kZBgyakeaCM0fnnCjj2lAb2sp_SXyNK849uBfguMyUPAr0eOZ5TdhQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 61DC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
564pM1dRIqUZ665lbUhICkATNACWic6z
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:02 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
34
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
TbVIknnQo6DWuk7wlytsWm2WL-fSMZY9fhfPalh8j7A1pc2qYkTv-g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 61DC 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Q4iAtty.78dI5lavIxW3NeoATIy.Z4Gr
date
Wed, 10 May 2023 08:49:57 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:49 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
34
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
p10epIMfdtffyflaaQxWNTyd62wJyY7Ad_w1CZzHbXhh2KcH5nWm4A==
usync.js
eus.rubiconproject.com/ Frame 2FDD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
527562c5eafdba582d710aa4a87b5214e7a32a224ed12055c345e06ad4029567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Date
Wed, 10 May 2023 08:50:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 02:37:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64032
Connection
keep-alive
Content-Length
10020
Expires
Thu, 11 May 2023 02:37:33 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2FDD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bid
ad2.apx.appier.net/v1/prebid/ Frame 9159
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 61DC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=rdEaroHwASeSSOdDzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=rdEaroHwASeSSOdDzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=rdEaroHwASeSSOdDzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 61DC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9542603113518853
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
86930ec4b1bb739f8d41a0c0e9c923999f9a00eea544b20c9bd1ec3b1314045d

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 10 May 2023 08:50:20 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
ls.html
img.scupio.com/html/ Frame 1A69 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
520
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 08:41:40 GMT
etag
W/"583295c9-4dc"
expires
Wed, 17 May 2023 08:41:40 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.15.2
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
VEunvWeuD7fv3UXbccjh-Av1EZTswKLGa4UD9_Kn1kBHGBT1-8dGfQ==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame C310
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0dBMjAyMzA1MTAxNjUwMjA5MDcxNTU%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
HTTP/1.1
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Date
Wed, 10 May 2023 08:50:20 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEOIXdvPM28MBJw-K_FRpaNo&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2289
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 May 2023 08:50:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 10 May 2023 08:50:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame C310 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.67&if=true&ts=1683708621133&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 May 2023 08:50:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
generic
match.adsrvr.org/track/cmf/ Frame C310
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CGA20230510165020907155
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/4c7d0136-7929-37c4-be3e-ec2f37f0e7d9?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-mxRSMOdE2oXlIvU7R9yQLw5vkNGbYXRG8XHuwZY-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.67
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Wed, 10 May 2023 08:50:21 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 6EC2 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Mon, 08 May 2023 14:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 May 2024 14:17:24 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 61DC 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:21 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 61DC 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=79884403093
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 May 2023 08:50:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
bid
ad2.apx.appier.net/v1/prebid/ Frame 61DC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vuVLBjcmAAK-kbSGzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=vuVLBjcmAAK-kbSGzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=vuVLBjcmAAK-kbSGzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2289 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
527562c5eafdba582d710aa4a87b5214e7a32a224ed12055c345e06ad4029567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Date
Wed, 10 May 2023 08:50:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 02:37:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64032
Connection
keep-alive
Content-Length
10020
Expires
Thu, 11 May 2023 02:37:33 GMT
ls.html
img.scupio.com/html/ Frame F763 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=52
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2080
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 08:15:40 GMT
etag
W/"583295c9-4dc"
expires
Wed, 17 May 2023 08:15:40 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.15.2
strict-transport-security
max-age=31536000
vary
Origin
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-id
1cI0rIbb2MN8gDZgvnQpkEJRDCy4In6hJovbuEmYNWOShu4Arh8DXg==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
rec.aspx
rec.scupio.com/recweb/ Frame 6EC2 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.43625690493404035
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e7502670d6ba7bc9801375a17c95e9a01b68828e8f4eb6dba1bea47e78d8967e

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:21 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
3337
khaos.jpg
token.rubiconproject.com/ Frame 2289 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
t.ssp.hinet.net/ Frame D8A0 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 8251 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame B4D2 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 239B 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Mon, 08 May 2023 14:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 May 2024 14:17:24 GMT
rec.aspx
rec.scupio.com/recweb/ Frame 239B 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/rec.aspx?cb=0.024017234449795977
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
203.69.60.96 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-69-60-96.hinet-ip.hinet.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
475842a40aa11c2148de039432cc4addf6c8c1f28b76af91f44d66e64c1f33c1

Request headers

Accept
*/*
Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 10 May 2023 08:50:21 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
3966
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 2289 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
utag.js
t.ssp.hinet.net/ Frame 044A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
events
bidder.criteo.com/csm/ Frame 61DC 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
utag.js
t.ssp.hinet.net/ Frame 9159 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
utag.js
t.ssp.hinet.net/ Frame 61DC 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:21 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 044A 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=446&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
CX6TrPcO3Dr87b87a51mjccHxU7U6Ozi
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:30 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
5
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
fww7C1NIH1LezqPZQPf98o1Od9PD8HnoQohCIXGjMePOREQs0Hu78w==
emome2
t.ssp.hinet.net/ Frame D8A0 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame B4D2 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
ad490.js
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 6EC2 		28 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ad490.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
2c01d866f121ed8a84a1a9fd0ace431a7adb59898544940b406df1909dc60427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 07:34:38 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 09 May 2023 07:26:44 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
90943
etag
W/"6459f5b4-7059"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
BZXU84DMjYRN4OFK6pGTNEAdCCG4ODVnXKG4vnyPU-LX6RB-GbqIUg==
expires
Wed, 08 May 2024 07:34:38 GMT
CoverImage.js
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 6EC2 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/CoverImage.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 07:30:07 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 09 May 2023 07:26:44 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
91214
etag
W/"6459f5b4-514"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
RpNZvg5VkgDRztPkNNI1rfGcPSRfYQj8BKvE8QIGmFa2IbGjNeCufg==
expires
Wed, 08 May 2024 07:30:07 GMT
/
t.ssp.hinet.net/ Frame 044A 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
css2
fonts.googleapis.com/ Frame 6EC2 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;900
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1d44689547b20fc05e5a1c9918b1f9fff3081e6bd6228fafcdbe5bdd3f7b2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:50:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:21 GMT
css2
fonts.googleapis.com/ Frame 6EC2 		234 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4324875926c2de99a93c8da643403b868d0a7779a9a4a74ddd7c0844617f834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:50:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:21 GMT
css2
fonts.googleapis.com/ Frame 6EC2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;900
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:43:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:21 GMT
ad462.js
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 239B 		25 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ad462.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
549a9c73a97392bd323fe69ccda4015bc15820b9e377cc99a2566da236a0b727
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 07:30:08 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 09 May 2023 07:26:44 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
91213
etag
W/"6459f5b4-6287"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
_amVPz-DKVJ8Ew9z5Qmoxuo9Jp8e3yIFMWIjbQ6T5l6U1_m18VgafQ==
expires
Wed, 08 May 2024 07:30:08 GMT
CoverImage.js
img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/ Frame 239B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/staticfiles/175b223df376dff2272b3592ae72fe464a610be1/scripts/adbanner/build/CoverImage.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 07:30:07 GMT
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
last-modified
Tue, 09 May 2023 07:26:44 GMT
server
nginx/1.15.2
x-amz-cf-pop
FRA60-P3
age
91214
etag
W/"6459f5b4-514"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
b1-G9NmNqXfE0Ka52GqsdwC76b07lts4RvvUAJFE0dAPET9VIVl-yQ==
expires
Wed, 08 May 2024 07:30:07 GMT
jquery.touchSwipe.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.19/ Frame 6EC2 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.touchswipe/1.6.19/jquery.touchSwipe.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecd4e7843f749e744f5385eaa6bb8e38238e2c8a46e9d4ef9b17fe81354532d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
488702
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4510
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-4f97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzaRuvwwZYX33RjBuxq5%2FnLtUUP79O1Ly6hC9gSdVKoyLSw%2FQUAsldidXChnB5762HCvlhIETN6FZVcMABD1Lsc6zpS1%2BBfnxxkFaTXaNRCwSLExXujk6fEOIri6qq1VyYsTh7CUxHplq4%2BMRQk5dIAN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c50ef24f9262c1e-FRA
expires
Mon, 29 Apr 2024 08:50:21 GMT
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/ Frame 6EC2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/mobile-detect.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1953481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13867
last-modified
Mon, 04 May 2020 16:13:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f25-981e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRq43IGFXcmqQfISj0BrddX6tGBKjWdjogUOON5rFwfiJv6%2Bve7IZZMQNAwT5eR6pdjGTGcTTZHzzr8Xj2msFP35nxN1GbHpKSCH%2BYWp8f4J1cUXzJIukbtQH4UHXHBSMQyXBPX86TTtySQQmn6L%2F34Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c50ef24f9292c1e-FRA
expires
Mon, 29 Apr 2024 08:50:21 GMT
css2
fonts.googleapis.com/ Frame 239B 		2 KB
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:50:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:21 GMT
css2
fonts.googleapis.com/ Frame 239B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@900
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:50:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:21 GMT
2203004.jpg
img.scupio.com/ec/original/1197/250/004/ Frame 6EC2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/original/1197/250/004/2203004.jpg?h=8d689afcb6874dea6143b65adc1321c9&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
d393ee22f55ce463605c8bd1f2180d1eae34e042463797945e7c30518542183d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:08:32 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2509
x-cache
Hit from cloudfront
content-length
8808
last-modified
Wed, 10 May 2023 06:32:27 GMT
server
nginx/1.15.2
etag
"645b3a7b-2268"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
0UnGVLUj0KBH7eyE6mS0QJt8y189aqBHBQ2VmK1tZHBLVJvArOdxSA==
expires
Wed, 10 May 2023 14:08:32 GMT
2206087.jpg
img.scupio.com/ec/original/1197/250/087/ Frame 6EC2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/original/1197/250/087/2206087.jpg?h=a62f15d9a695dc19332203f4bdb7ac08&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
374e9d8518a7b50116f49afa5080d72fee48d9d82dba1948932d15134a341c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:08:32 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2509
x-cache
Hit from cloudfront
content-length
9891
last-modified
Wed, 10 May 2023 06:11:03 GMT
server
nginx/1.15.2
etag
"645b3577-26a3"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
9_YSw6ciZqe86o7JpuFx0MgMBLV4vhaFBMzTdz64UKoHvpy7pUOj5w==
expires
Wed, 10 May 2023 14:08:32 GMT
2212240.jpg
img.scupio.com/ec/original/1197/250/240/ Frame 6EC2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/original/1197/250/240/2212240.jpg?h=480194e6096c0581a1d48ec84d10db74&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
db1596ab27328bf00f34bf03ba07f4f34431a273b4544186f6177d8e776dda53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:41:56 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
504
x-cache
Hit from cloudfront
content-length
18480
last-modified
Wed, 10 May 2023 07:58:55 GMT
server
nginx/1.15.2
etag
"645b4ebf-4830"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
2SlcafDLl5KSHThSfjQ6P8WRVf44_DAo5hVHnDa_Qnv-ZqDd7BsW0w==
expires
Wed, 10 May 2023 14:41:56 GMT
2206069.jpg
img.scupio.com/ec/original/1197/250/069/ Frame 6EC2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/original/1197/250/069/2206069.jpg?h=2d60e5060172b9c79cffbf65545127bc&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
191909daedb34baf022f6e858758a9eb6a954f4205db65f1f8e79bb8a1747ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:12:54 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2247
x-cache
Hit from cloudfront
content-length
14368
last-modified
Wed, 10 May 2023 06:08:05 GMT
server
nginx/1.15.2
etag
"645b34c5-3820"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
hyoodqvAT-915h4Gsoz3i_O5_X5rcuS9HJ6mLX6Z61xHlt5zyZL47A==
expires
Wed, 10 May 2023 14:12:54 GMT
2203257.jpg
img.scupio.com/ec/original/1197/250/257/ Frame 6EC2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/original/1197/250/257/2203257.jpg?h=9accdb1f75a2e21db4605f360fe90263&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
baebbf8e46dbb8a4b694b287086d07bc4787261da8bc8c32920dc052ce00fe8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
539
x-cache
Hit from cloudfront
content-length
16393
last-modified
Wed, 10 May 2023 07:05:54 GMT
server
nginx/1.15.2
etag
"645b4252-4009"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
BFm2Dcgeqz8Cb-vQXTm7cRhGh1zca3D-73ZJRWDwC_wMgU9pPbg6JQ==
expires
Wed, 10 May 2023 14:41:22 GMT
862cc313-e46d-400f-96f3-e32f14869219.jpg
img.scupio.com/dsp/ad-image/1197/8/ Frame 6EC2 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/1197/8/862cc313-e46d-400f-96f3-e32f14869219.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
ee75ccd4f8f03b1183192e9b79898a7344958039be8a88d7864422dd8d2e1918
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:12:54 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2247
x-cache
Hit from cloudfront
content-length
13585
last-modified
Fri, 13 May 2022 09:19:39 GMT
server
nginx/1.15.2
etag
"627e22ab-3511"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
oFGliGdun9mWvSGgXtijQFC-xo7QvWPodwFjY-iHHTk5m9YaZlsoLQ==
expires
Wed, 10 May 2023 14:12:54 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame 6EC2 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12bf153fa82e96952391d98784dcf74e4ce28353a02d0f9cddc88bee0a98b6f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:18:09 GMT
x-content-type-options
nosniff
age
358332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53876
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:06:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 05:18:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EC2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Fri, 05 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
456244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 02:06:17 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame 6EC2 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25416120818605e620362a60ac860c8ac3642d1dbed1d4e8a68fc33facc9afee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 19:14:02 GMT
x-content-type-options
nosniff
age
308179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25192
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:06:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 19:14:02 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame 6EC2 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55453f9b9b55f7f30512bc52abd6e7194b1d7bde47f7ce8ed40c8faeddb9973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 16:11:30 GMT
x-content-type-options
nosniff
age
319131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44296
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:06:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 16:11:30 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame 6EC2 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a30d49710e9c49ef9651512529fb7422c1666e353a9e31ac508a69e8fe87550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 10:40:50 GMT
x-content-type-options
nosniff
age
338971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48836
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:06:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 10:40:50 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v26/ Frame 6EC2 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39a868cc138b7cc9574193f69e769e04edc922134b24d0535ea909432dff0ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 00:35:00 GMT
x-content-type-options
nosniff
age
375321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53072
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:06:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 00:35:00 GMT
c7d12c02-343b-4b13-a7bc-d56374deb10a.jpg
img.scupio.com/dsp/ad-image/1146/c/ Frame 239B 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/dsp/ad-image/1146/c/c7d12c02-343b-4b13-a7bc-d56374deb10a.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
61b3cb7a1724d28331a569948438c880ca387f663687a61828d6dc877826e71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:05:18 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2703
x-cache
Hit from cloudfront
content-length
28853
last-modified
Thu, 27 Oct 2022 05:45:28 GMT
server
nginx/1.15.2
etag
"635a1af8-70b5"
vary
Origin
content-type
image/jpeg
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
QgRIMY4LJUI2l09vkW0izpL9xY_0X976tTJysQCR43Jxw_-7JaMWrw==
expires
Wed, 10 May 2023 14:05:18 GMT
9962113.jpg
img.scupio.com/ec/x/1146/250/113/ Frame 239B 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/113/9962113.jpg?h=c2e23c7e5683661ffac9a690a0cb34e9&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
ec9c9a70f678595914a96276d728bca4c58ccb3e5829139cc08e8c4638501bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:02:29 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
17272
x-cache
Hit from cloudfront
content-length
27823
last-modified
Wed, 10 May 2023 01:45:23 GMT
server
nginx/1.15.2
etag
"645af733-6caf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
2IzGGniYhyIq0O1OM4Po9n887c1W8WccHfXJCdUfHh-SSFYMEFQNNQ==
expires
Wed, 10 May 2023 10:02:29 GMT
8606657.jpg
img.scupio.com/ec/x/1146/250/657/ Frame 239B 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/657/8606657.jpg?h=3465b75f510cdc7c1d86be9fc6d4f127&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
cc5ae68fbb8773f73a078e1495306c471333facc8ef38376117d718dcf1b7052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:22:26 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
12475
x-cache
Hit from cloudfront
content-length
8373
last-modified
Wed, 10 May 2023 05:21:13 GMT
server
nginx/1.15.2
etag
"645b29c9-20b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
RDukKMCpw_W8MVXEwUHoV_1wzrcjXxFt-hDKA5_nu9Fskuj7jwe6NQ==
expires
Wed, 10 May 2023 11:22:26 GMT
10440695.jpg
img.scupio.com/ec/x/1146/250/695/ Frame 239B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/695/10440695.jpg?h=17737cf066a3902f4ad9848b8602efca&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
1205eeb6d4ecac66e4aaa55d1c67964891de7ce10a5af8d41f57397529dc963f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:02:19 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
17281
x-cache
Hit from cloudfront
content-length
22221
last-modified
Tue, 09 May 2023 22:32:58 GMT
server
nginx/1.15.2
etag
"645aca1a-56cd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
0L4mslsbtdjfvYS7Bo8J6xHLFy6nK179osBJzwOwmi2D7gEOtXeadQ==
expires
Wed, 10 May 2023 10:02:19 GMT
10442285.jpg
img.scupio.com/ec/x/1146/250/285/ Frame 239B 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/285/10442285.jpg?h=03921c3c780714200ff5f521832be7f4&v=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
a120875c161afadebbf66c1b61c70b771511dec29d4c897cc9707eabaf283dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:18:16 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1925
x-cache
Hit from cloudfront
content-length
24415
last-modified
Wed, 10 May 2023 04:34:15 GMT
server
nginx/1.15.2
etag
"645b1ec7-5f5f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
DVH-Z2Erb4sO8Am9dWchDIDzZEPouSZY3Xs-UTYG4bIixYXhQ5gMRA==
expires
Wed, 10 May 2023 14:18:16 GMT
9962113.jpg
img.scupio.com/ec/x/1146/250/113/ Frame 239B 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/113/9962113.jpg?h=c2e23c7e5683661ffac9a690a0cb34e9&v=0?cb=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
ec9c9a70f678595914a96276d728bca4c58ccb3e5829139cc08e8c4638501bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 07:41:15 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4145
x-cache
Hit from cloudfront
content-length
27823
last-modified
Wed, 10 May 2023 07:30:12 GMT
server
nginx/1.15.2
etag
"645b4804-6caf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
badXyH98Dhw-0zOUMp23f4abnvZOguNzXaC2AUlZVYNcWPahr8lU2g==
expires
Wed, 10 May 2023 13:41:15 GMT
8606657.jpg
img.scupio.com/ec/x/1146/250/657/ Frame 239B 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/ec/x/1146/250/657/8606657.jpg?h=3465b75f510cdc7c1d86be9fc6d4f127&v=0?cb=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-7.fra60.r.cloudfront.net
Software
nginx/1.15.2 /
Resource Hash
cc5ae68fbb8773f73a078e1495306c471333facc8ef38376117d718dcf1b7052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:24:11 GMT
strict-transport-security
max-age=31536000
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
12369
x-cache
Hit from cloudfront
content-length
8373
last-modified
Wed, 10 May 2023 05:21:13 GMT
server
nginx/1.15.2
etag
"645b29c9-20b5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
5LBiyVYCoho6DyxraYXL1qocx881XeyHuROvuk5vsGso9nn77JuJ7w==
expires
Wed, 10 May 2023 11:24:11 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 239B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://img.scupio.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 15:11:34 GMT
x-content-type-options
nosniff
age
322727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 15:11:34 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 9159 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=499&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
CX6TrPcO3Dr87b87a51mjccHxU7U6Ozi
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:30 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
5
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
TVpRmL0nXbLDFa1ORTbMLD6wZqMYH6uDs4eAYAQhrs0EMUGcoEoMow==
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D14 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU1pLexWFsqfuFAvRIQqjRxlK3b-nq7drXVBVj0gS0S5h1hB2ig-AbY2BwayqYmPt7dt-hwGhT_tpwKqcxPkwumy-Geb-sFKpdwLOu2KliQUui-a7e&sig=Cg0ArKJSzI7jbj7EjU4YEAE&id=lidar2&mcvt=1001&p=108,650,358,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230508&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683708620555&rpt=170&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C3F7 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4iBoT8K92IHm1sALf21S478qRNteeRsxNPl9dPc_E9vK9AMeAqm_KFA6mPHSYM9XllIuzrgIe77DK6Xa-PLqGhyoggNVeVyGRm-RedQvfOx_EYUcL&sig=Cg0ArKJSzIHyPRl1VfjbEAE&id=lidar2&mcvt=1003&p=108,270,358,570&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230508&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683708620540&rpt=219&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 537F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFx3GFExxL5MIGrUj07i-zVWbgJXUtdfWBCpQME8RMWq9jA5-MPfggjp562boFwviO34U4NrDriuRuSBqs-aT89cQgtWj7I_jwjJhHOX2pqfHGik7G&sig=Cg0ArKJSzGFzu0h4PsMBEAE&id=lidar2&mcvt=1005&p=384,800,385,801&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230508&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683708620568&rpt=225&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 61DC 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=478&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
CX6TrPcO3Dr87b87a51mjccHxU7U6Ozi
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:30 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
5
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
cY5YBD0M6FsMfenloBvroDXwamWTqe0W5zdmDXhh22Au8nG2IWwKbQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 53BB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6iIsVCP6BZQzpsO3T5dkiGcrmXs5VTKu8PMd9jDArqkKq5SzbDazBgdeFDtSdvjBNKwggjEoJYPIGXAeljdxaeLTiXEaVat8G-1VRbUrH0TLAoIClHkbO0mCLDPbBzg6djUDOdA&sai=AMfl-YSy-GbuAdjYLMv9leyzH6VKXpJfj921IzEgkQYj-PfFPPbOV9_BIWcEifhb0MU1YYv8GyGl-VJNC9HR2qis98PaF2CiuCfnVqxGXTkDJ0B_W9RsOqYxGaafNTUHN1vZvKp0y4iTnmfV8Iau&sig=Cg0ArKJSzLaSMLVkCIJJEAE&cid=CAQSSwBygQiD2ehiYFCCwZYR_ZI7JhbQOP_R7rMjePljIF4DyS_CTRGFtPOywSc7gqRQdw-9EjUOjGtaVahQrSe33zEne-eMoc32PaEaahgB&id=ampim&o=315,511&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=404&tls=1405&g=100&h=100&tt=1405&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init.js
cdn.holmesmind.com/js/ Frame D051 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:49:25 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
58
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
RuHSI3mwFA3SV2L4-BpNlXOttHxz-FggFP7gjP-fq7dUBJu1IWDWfA==
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame D051 		51 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=13857&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.3.36 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame 0D48 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
57
content-length
7381
content-type
text/html
date
Wed, 10 May 2023 08:49:26 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Wed, 10 May 2023 07:01:07 GMT
server
AmazonS3
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
x-amz-cf-id
mgoOIskhWjiJ9-eqDTDnfE5wwEP8JvZsxc1UWH4VQUpPwEpthTfhOQ==
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
HXPbK6ZTC0ohJrHB2mH8ElwnG9w_HBxK
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame D051 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
SMVwftsa.JeDPSic4.4eIPk08t9H3JlQ
date
Wed, 10 May 2023 08:49:26 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
57
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
BQhYTc2hxasRmbOaitvzdGh72VMGshGD-PDOUmi1u7PM9wSxOWNQDw==
presetfn.js
cdn.holmesmind.com/js/ Frame 069C 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
10
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
zW1vDXZVFpWmJPOHMMgyYTj3WbDPaTksTY9AZq2G4NW65U7vaywvuw==
fp
cm-dev-poc.holmesmind.com/ Frame 6E16 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:22 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame FBD6 		0
0
utag.js
t.ssp.hinet.net/ Frame 0D48 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:22 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 0D48 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 0D48 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 0D48
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
x-guploader-uploadid
ADPycdud8JyUidz0091cvxUhnbGPV2ssAChhuAW2kX-Hq33QtFmguwDrzDFsHrK3IFjXiG0T_S-Hi4x7Kkr_uSEzBBkEPOLzggKr
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Wed, 10 May 2023 09:50:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 069C 		1 KB
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:53 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
209
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
Y_pyosCRGm2ASYovLtimSgHwDp8byaXzdgkT73TRY4G9F1giLvLhkQ==
ads.js
ad.holmesmind.com/adserver/ Frame 069C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=293&o=1&fc=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
247c7e7682de3fcacadc70efbdeb196b761ca496843295058ab3f1aa0abf8389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 069C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
nsID8w9LNvYQ3ezqQphaLDJ_3WDD30aU
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:08 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
54
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
szh9M9uvf1CyyITu6QDP9n1yzjnxU4MAop1yZP6yZiLJz2sX5Ziy_w==
publishertag.js
static.criteo.net/js/ld/ Frame 069C 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:22 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 069C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
OQ2kIhAZeXWLYx9SXeEEYEdcIwFfZafG
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:22 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
35
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
8QiCwK5lqhNRaQ2SvspZsaQWgbyNTFSZrkpD1Rr5uEU1M8rtzDmkMw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 069C 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
mIeWQI3nqLjG_i5OvvyTj9c7ts54AdBo
date
Wed, 10 May 2023 08:49:59 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:05 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
24
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
445wk9-cBUCP11C7ZPpphjvNJZcxs9wFbajixB0dpFsecseu22bkLg==
appierV2.js
cdn.holmesmind.com/js/ Frame 069C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
564pM1dRIqUZ665lbUhICkATNACWic6z
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:02 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
35
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
5SHqqtwlUSdQQgdhLpG0RC9Sitl6DwQbklQFlGGEInJdwlRxDYoCKw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 069C 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Q4iAtty.78dI5lavIxW3NeoATIy.Z4Gr
date
Wed, 10 May 2023 08:49:57 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:49 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
35
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
2xXqWJ6aQWQjNLO_yP_n5RokNVnm5KpF4b68vsQO3SJVx0jlK7dsOA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 069C 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 069C 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=15957331324
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
prebid.aspx
prebid.scupio.com/recweb/ Frame 069C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.21642907878893114
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
6e0af4ff8d2333101980b23d267001b561f516ae318379a6e7992b49640c0ac0

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 10 May 2023 08:50:21 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 069C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:23 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 069C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:22 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
events
bidder.criteo.com/csm/ Frame 069C 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 May 2023 08:50:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
utag.js
t.ssp.hinet.net/ Frame 069C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:22 GMT
/
t.ssp.hinet.net/ Frame 0D48 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5951 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c9692bd2f42e4d4dc362f7ff2f5f99651b27c0289f60e1a8de4ffe51bf78c3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24956
x-xss-protection
0
server
cafe
etag
485 / 19487 / 31074443 / config-hash: 10283026373551537385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F9E0 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02b0fb673a3e6b1bbebc75b910496206c0aecf6f90782e72fb1a319c91390aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24956
x-xss-protection
0
server
cafe
etag
497 / 19487 / 31074443 / config-hash: 10283026373551537385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:22 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/ Frame 5951 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e574ac8407b2bc117178cac36692c418de322544cfd404cc70f9ca1780afce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14637
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127574
x-xss-protection
0
server
cafe
etag
16110150592663817433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 May 2024 04:46:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 5951 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:22 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 069C 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=293&o=1&fc=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
CX6TrPcO3Dr87b87a51mjccHxU7U6Ozi
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:30 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
6
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
Fva4IFQbHzD7w3ic_POxkItErN_XRYRobeu2XSxqQzm0Z8DSMhsiCQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/ Frame F9E0 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e574ac8407b2bc117178cac36692c418de322544cfd404cc70f9ca1780afce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
14637
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127574
x-xss-protection
0
server
cafe
etag
16110150592663817433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 May 2024 04:46:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame F9E0 		550 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be73bb089d3880699edb698c4dd5b45c89419e9d61e2666ae93729b3c579a230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:22 GMT
integrator.js
adservice.google.de/adsid/ Frame 5951 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5951 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5951 		56 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2458129643213377&correlator=2070515772796849&eid=31073865%2C31074443%2C31070232&output=ldjh&gdfp_req=1&vrg=202305050101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100%7C320x100%7C320x50&ifi=1&adks=2995874615&sfv=1-0-40&sc=1&cookie=ID%3D79181be60e5a0c09%3AT%3D1683708618%3AS%3DALNI_MZ6CBJgD1WylbkfdV401rs2n9_Zmg&gpic=UID%3D00000bf8cc29823a%3AT%3D1683708618%3ART%3D1683708618%3AS%3DALNI_MaXNGkc3U1TZkgJVlwGIivr4MxizA&abxe=1&dt=1683708622844&lmt=1683708622&dlt=1683708622438&idt=371&adxs=800&adys=384&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=9pk6lk1377ry&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&ref=https%3A%2F%2Freurl.cc%2Fo0kM9q&top=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=23&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1234105094.1683708618&ga_sid=1683708623&ga_hid=1701676772&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5440afdfaf6cb07a005c0a1a556fb14d1915e0f7c3cb9d13056cbc782e344012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13262
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5951 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfa20cf8b12f3337a7b1b32bfc78b5a12e994aff914d9a5216246df8e1a8fcfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11278
x-xss-protection
0
container.html
3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:22 GMT
expires
Thu, 09 May 2024 08:50:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F9E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9E0 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=628435908245916&correlator=1309308356073111&eid=31074411%2C31074443%2C44777899%2C31070232%2C21065724%2C44769662&output=ldjh&gdfp_req=1&vrg=202305050101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1254560718&sfv=1-0-40&sc=1&cookie=ID%3D79181be60e5a0c09%3AT%3D1683708618%3AS%3DALNI_MZ6CBJgD1WylbkfdV401rs2n9_Zmg&gpic=UID%3D00000bf8cc29823a%3AT%3D1683708618%3ART%3D1683708618%3AS%3DALNI_MaXNGkc3U1TZkgJVlwGIivr4MxizA&abxe=1&dt=1683708622898&lmt=1683708622&dlt=1683708622481&idt=398&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=lms8lyay7tf4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&ref=https%3A%2F%2Freurl.cc%2Fo0kM9q&top=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1234105094.1683708618&ga_sid=1683708623&ga_hid=1375729931&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8653875c23467140d5fb1348d8520a8aa0ea0cf95dc6997c506a5c26a7412f06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10583
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F9E0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ad46e47857ff04c1ef14c3c93e5b7534bdb42bfd8e7356891fb62c2fe3f7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11167
x-xss-protection
0
container.html
908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D849 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:22 GMT
expires
Thu, 09 May 2024 08:50:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm
t.ssp.hinet.net/ Frame 0D48 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&mp=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/ Frame 0D48 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/pixel?bd=a917f705-b084-40be-a0db-967899e73ffa&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5951 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 08:50:22 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 10 May 2023 08:50:22 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
214483
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 6A3C 		2 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
289940
expires
0
cm
c.holmesmind.com/ Frame 6A3C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 6A3C
Redirect Chain
  • https://sync.aralego.com/idSync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 08:50:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Wed, 10 May 2023 08:50:23 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F9E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 08:50:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF5F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 05:40:57 GMT
expires
Thu, 09 May 2024 05:40:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4A55 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c4c842b7e685fd6586e8fa1626d1c05ffa35063b89cf19e0ddcde88a03d76d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BHR4zinYQop0SLxKqhUKaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-BHR4zinYQop0SLxKqhUKaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:23 GMT
expires
Wed, 10 May 2023 08:50:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame FF5F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
54987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 17:33:56 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 05:40:57 GMT
expires
Thu, 09 May 2024 05:40:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A486 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d9895d97a9e25133808d45a2ec3129f28bdf3652f97e24d39b74d6a8772cabd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HhvL8Yt1GTebRlSfZH-G3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-HhvL8Yt1GTebRlSfZH-G3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:23 GMT
expires
Wed, 10 May 2023 08:50:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305050101&jk=2458129643213377&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 10 May 2023 08:50:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
257020
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame A0DD 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
260737
expires
0
cm
c.holmesmind.com/ Frame A0DD 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame A0DD
Redirect Chain
  • https://sync.aralego.com/idSync
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 08:50:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Wed, 10 May 2023 08:50:23 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame A486 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305050101&jk=628435908245916&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 12C5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
54987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 17:33:56 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame D94B 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D94B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D94B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D94B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame D94B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
135597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
css
fonts.googleapis.com/ Frame D94B 		9 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:30:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:23 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D94B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 08:58:43 GMT
x-content-type-options
nosniff
server
cafe
age
85900
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 10 May 2023 08:58:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D94B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
69313
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 10 May 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame D94B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBwqA9y1HrpxlE_UvbtmIzidffQr8SENT1iQ7Bi2kW0dlzNKUN1-MwlgWw3m7KbzHYUiP0RFfEemqyGZqeP7oFPIrBZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D94B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CggW0zlpbZNnPNo2g9u8PnIm1gAio4I3TVM_etYjmEZ-DuuPXAhABINLMgRpglfqXgqwHoAHugIP4AsgBAakCuEm_tTNnsj7gAgCoAwHIAwqqBOEBT9BjeldT8CI9aKT_cLqj3HwgBTAuUJXiRbZA_ThvH963xwVcxCstdXzo5dsQ58IJFB9w6GWwJmaAScAg9KLFOUKeKUX12vg-byW5j0DJrxbbW0xZIIep7uswXCCbVFXh1sMExdb4B-m_VO5lGctOpAgBRvzb4JQN23aogQ_KyfL3X74vhhxWw8wLN5k1POD0fy_9NqXVaLgk9JkQDIxjJfCdVLQX0aZ-UxHEPrhCY2rbjIAbQgwvAqQS9jm12DUVch-1MTfds3iVJlTnR6vBSXCiKQigJZfguVBMtdWtPGkmwATBqOuI2gHgBAGSBQQIBBgBkgUECAUYBIAH-v78hwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCP4QXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMK0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=bmo8UMsiHR4&uach_m=[UACH]&cid=CAQSOwBygQiDy3RNrcU-Hcy26otUj_Tvx-v8cs8R4Ikqndu9iJktyLqWWYIEJKmF8OFmNjbp6-3X71nIt6XMGAE
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
truncated
/ Frame D94B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52439a5dcf8bf6fb26966a7822072ddc0257dc963f302a9d5c38ac4e775af8a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame D94B 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:24:40 GMT
x-content-type-options
nosniff
age
357943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 05:24:40 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame D94B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c256c062b9e79df621df93e3d47017fa2317985efcfc829ff819780fee21fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 19:27:13 GMT
x-content-type-options
nosniff
age
307390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15072
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 19:27:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CD10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukVBk4AlbSvd0RiTEGus1-cGazhbWggBAOXqBegQIUxb67Ozm6Ir0xmv1OnbeqZ8CLtgZZzhgtgEAbn4WJ7L0wYAKTxwyry4ev-bjxc9Wcbfj60Ju2ZHbM3enDz3iLh49221hINYh5uOGpIp2thc6A2Lm2s5vVRWh3AbQrPY-9u-0qylY5p4hbVxw2DKIGt-CxFUYio_C3nex1rgsI7kEprFgygseUReye-RnaGmTnNekNsEZuBLotMVj4hjQYJW0JwP0xn0R9rCTTllQbMG-fwhjvzxK7nyxT7XVeKM7xy51cYTpBzEQblDWOQ-IhH7RphUwoD2tzsbjFSmCZS5RUDkCWVY57&sai=AMfl-YTJazrdxe8wIaiPn2-BUT-KYSrxduJrpkcy6WA6kz7WvpEYMOytMfZbRBmfDStn-S4OGScC7XxrBaNEjNeFgZ9IBt2WQtu10GKDT8pUAeK1N_619HekprBVhjUfEQ&sig=Cg0ArKJSzPbxDzBnXYduEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame CD10 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:49:25 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
59
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
BAqT3ik0GLISHu9df3Tek4wmxbv_BRK6pzVGitI7RzHiIPfu5mPTNw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD10 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305050101/pubads_impl.js?cb=31074443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:23 GMT
generate_204
tpc.googlesyndication.com/ Frame FF5F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Uv-Giw
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7820 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f070302c2828036182da439c7592ebfcf3496a1a93e68e1da13e757e5b0fd2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25009
x-xss-protection
0
server
cafe
etag
278 / 19487 / 31074455 / config-hash: 10283026373551537385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:23 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D94B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 08:50:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame CD10 		51 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=14210&domain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.3.36 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-3-36.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9e1de442462626bb4aca6238038502b12d2a55b007d35fa49cef6eaa5698e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
capmapping.htm
cdn.holmesmind.com/js/ Frame C053 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
58
content-length
7381
content-type
text/html
date
Wed, 10 May 2023 08:49:26 GMT
etag
"7043648f76be8783efb738bc06c56fa0"
last-modified
Wed, 10 May 2023 07:01:07 GMT
server
AmazonS3
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
x-amz-cf-id
6n-SYE-9k3uh4DCZOkGDcXLSiIg09NBKuAcw84TBaO_chWgmaCsbGA==
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
HXPbK6ZTC0ohJrHB2mH8ElwnG9w_HBxK
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame CD10 		662 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
SMVwftsa.JeDPSic4.4eIPk08t9H3JlQ
date
Wed, 10 May 2023 08:49:26 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
58
x-amz-server-side-encryption
AES256
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
n7PfFV4QXYWPuahCItzIIQRlJu5WKVvqMQmmJs9CFII8wJga8UJAog==
presetfn.js
cdn.holmesmind.com/js/ Frame 8ECE 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
11
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
slnrULmS8bmGIP7SSFZ2Al-a6O8OhlUSuTepCO1JdoTsqSqLvL2xAw==
truncated
/ Frame CD10 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd7d71674381440c7b4e6a862f9fb2cea412eed0dfbb1907efcde7e072a08a91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/ Frame 7820 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
52674
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127538
x-xss-protection
0
server
cafe
etag
14255841817258122496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 08 May 2024 18:12:29 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 7820 		550 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a57b89af110a4f2fe1576ccbe0c16a9bf6890ed81cc04c69f9ec9f7bb41314b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
279
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:23 GMT
cm
c.holmesmind.com/ Frame C053 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 3573 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=null
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 08:50:23 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame C8BE 		0
0
utag.js
t.ssp.hinet.net/ Frame C053 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:23 GMT
fp
cm-dev-poc.holmesmind.com/ Frame C053 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.80.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-80-88.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame C053
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
age
0
x-guploader-uploadid
ADPycdud8JyUidz0091cvxUhnbGPV2ssAChhuAW2kX-Hq33QtFmguwDrzDFsHrK3IFjXiG0T_S-Hi4x7Kkr_uSEzBBkEPOLzggKr
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Wed, 10 May 2023 09:50:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&uu_m=undefined&google_gid=CAESEDV_xpGGEv0SZ9iIMW-kazg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 8ECE 		1 KB
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d2fcc495189430b96578537046dc018a8f35ce50167af818560d1b032c4b201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:51 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
212
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
qY05P5HCgmqZ6UNjtJRQVtjm6GIBbg4Qi4h7O0xHSdivE9PoZwMDdQ==
generate_204
tpc.googlesyndication.com/ Frame 12C5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lmsz5w
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads.js
ad.holmesmind.com/adserver/ Frame 8ECE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=766&o=1&fc=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.25.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-25-0.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c066183e0175e164f9d69b02a4436696300dd687c7f32bf09978cdcdbf0a76ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 8ECE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
nsID8w9LNvYQ3ezqQphaLDJ_3WDD30aU
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:08 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
55
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
FrlLbyImVEUQdHhomKqD5H2Qq6PhNs8UeKckuY8gbN44ZgmWULQINg==
publishertag.js
static.criteo.net/js/ld/ Frame 8ECE 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-1e357"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 08:50:23 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 8ECE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
OQ2kIhAZeXWLYx9SXeEEYEdcIwFfZafG
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:22 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
36
x-amz-server-side-encryption
AES256
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
IXSHflcEppevxUenN-HIwaIwCcKzLDDDBMdqWglLwBsp8DJV68iotw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 8ECE 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
mIeWQI3nqLjG_i5OvvyTj9c7ts54AdBo
date
Wed, 10 May 2023 08:49:59 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:05 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
25
x-amz-server-side-encryption
AES256
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
MH0PQSFuDD7zBFNxTeSpzdQKGr5eACmetORwObwYjPwsmBQyLI3jbA==
appierV2.js
cdn.holmesmind.com/js/ Frame 8ECE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
564pM1dRIqUZ665lbUhICkATNACWic6z
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:01:02 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
36
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
GTJwhO2H9zBDCClWZzijb5GT06BpV-n9o1mFox4JZdR31dxugUUo9Q==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 8ECE 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Q4iAtty.78dI5lavIxW3NeoATIy.Z4Gr
date
Wed, 10 May 2023 08:49:57 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:49 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
36
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
Ozksw4EQUp3AT-mdpBKGFupPYVnEGca2DEuMQs2bEf48rG5qzCvK1g==
integrator.js
adservice.google.de/adsid/ Frame 7820 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7820 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7820 		110 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=745754029244919&correlator=2153237453263328&eid=31074368%2C31074455%2C44777901&output=ldjh&gdfp_req=1&vrg=202305080101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13857&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2474970467&sfv=1-0-40&sc=1&cookie=ID%3D79181be60e5a0c09%3AT%3D1683708618%3AS%3DALNI_MZ6CBJgD1WylbkfdV401rs2n9_Zmg&gpic=UID%3D00000bf8cc29823a%3AT%3D1683708618%3ART%3D1683708618%3AS%3DALNI_MaXNGkc3U1TZkgJVlwGIivr4MxizA&abxe=1&dt=1683708623868&lmt=1683708623&dlt=1683708623408&idt=430&adxs=270&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=pe3afuisn9qv&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=5&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&ref=https%3A%2F%2Freurl.cc%2Fo0kM9q&top=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1234105094.1683708618&ga_sid=1683708624&ga_hid=331229992&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd9eb36d733db60322c2271c67e840033f5238abd49831792f6fc0e333d5ca6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37210
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7820 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6169c57175685f7c6a284bc39d065ddf7dc2bd0b62b459b25b92f2f8d689a5e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11199
x-xss-protection
0
container.html
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D32 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:23 GMT
expires
Thu, 09 May 2024 08:50:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 8ECE 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.08848800099718312
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-181.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
7964ed6e6e2e6a48d95d19d05efd72d7c68292e0a79be8ced36af27edc7be2bb

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 10 May 2023 08:50:23 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 8ECE
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:24 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 8ECE
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 10 May 2023 08:50:24 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ySVu1Xd3ASaChGomzlpbZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8ECE 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 10 May 2023 08:50:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 8ECE 		2 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=184&cb=25479676386
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7820 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 08:50:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3A6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 05:40:57 GMT
expires
Thu, 09 May 2024 05:40:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8636 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbb78584768f3d8a338e27912fa26ad8a44dc1b010f4625fceded9ac340865dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F55Ogfg_F4h-ydwG2aN_kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-F55Ogfg_F4h-ydwG2aN_kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:24 GMT
expires
Wed, 10 May 2023 08:50:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
utag.js
t.ssp.hinet.net/ Frame 8ECE 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 10 May 2023 09:00:24 GMT
/
t.ssp.hinet.net/ Frame C053 		36 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame B3A6 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
54988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 17:33:56 GMT
events
bidder.criteo.com/csm/ Frame 8ECE 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 May 2023 08:50:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/pagead/ Frame 8636 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305080101&jk=745754029244919&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
drawV2.js
cdn.holmesmind.com/js/ Frame 8ECE 		10 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=766&o=1&fc=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
CX6TrPcO3Dr87b87a51mjccHxU7U6Ozi
date
Wed, 10 May 2023 08:50:21 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:30 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
8
x-amz-server-side-encryption
AES256
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
LABS_aFIEzF0gUM-Wbp1AQvWVAptmwGhXjYEK7I90C9b5qz9zdT1CA==
generate_204
tpc.googlesyndication.com/ Frame B3A6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zPQmWg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5951 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305050101&jk=2458129643213377&bg=!SkmlSR3NAAYV_mUANf47ADkAdvg8Wu113B7FhziDNGkAMejNBYvPfrCbJ7rO-xCtk7-0i7TUv454ut0o8CcOz743FGlsYsJL90sCAAACKFIAAAADaAEHCgC8oF0ncx1F5qBpfgPjQgxpk8JfmNEXtt9i4OEfjPFufzLSr3CShWPsRnEaj6sF23tiMRyw7UKIQ4lGyesjFKwiTXEh185G-LXhQBioIzR_ATcybTKRT4H5OXbDcefZbKrioBCr088tPQI96vKbeyucctdZ7YIfa9ksDAFbrDSMojeOxBppdyOGlbhVgWImhjTlZmNozPHJMoCPlyb4u1z4qkxbAtgtz2dvIl7LC_ii8MZ-t0DyuOR3pqVCNPuZAsl8O6T5eq0cxGyiA6GZfAUYbtfFoDu6WO-rrp7ln-tGoSxrls6px--QiZSVNpVBMH_jmT4LEz7eEY5_BsKaNohK99EIZQo4m2f8qSirkNGDpipFV4thGxTlMqbhnlBoJuYgHxzC_kEyCw1ISuuCQlBcuP4pxD3WC233Vruqr3JuA-hkNUgiobD7S5N2BN45RxhJyr-30h0tolViHRIIc_0sUMz2xbNl6sqGfCqidNhtmyJDaW40FHd-bT6e4mMfSUx08He5vxse45p7BtY5KAmafqQF7RyiU1KlvkSwcSq1oOoxk1Bp_5A3xmjAe2KfSlJlrNxc1qK4Cut4iLZOcYky1Z3O6ISx4YQCKPfC9Sj2Jfbsmdj9nOFyqTiaiKU4KhPa0hXFEwELPuLz12xM9OleHzh5wvTLX05F1SbUpVtCKYpWwhpi-n3SLL8TNiVqivwTmD36dl3a4sWQiHsiDqjN3euehYIU-JexQAfKo6pD1JXajoJgP-3Or_orvddzDQYNzjTvi6vB3NgH0Co4MLcFT0T4tBl9qgqcbOYRuHtxxRqUA2gyHo2iQKwrFsxRV7bQaBPs5v0ahtzJCr1jqGmcGhw8hMlQxQghNswW8D4wZXGlbLL7H0dlBGFRIdsaMKcN7eCfmXLhxoK0Xb4gOhJ3xqQ8PX5VxY4s1ycn4gXrzEH5ggtH3gE3J_lxl_z5_SeO7wfd1NQSG3-eztmt4KCFOy4D1gW8ENkdiJaVmjtFFl4eklZlVGM-_x4WkpwQYJZGYAUpCawRyBZ7dslCzqQlIBvUAaTYciNiB4uFaml_JqUdcLypelURmFCemwSA2aDcdIXiPunMaWsn78f_jEM2tXZbUf9XR9A8ZUDGZX0wqIXE_5v3sODcN40b5ehfcBUQyiaS7joOEI1oAp6-zZuFpGmN6hIdABlliRL1_GFeFHTv_WrmYrOahw
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
container.html
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305080101/pubads_impl.js?cb=31074455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:23 GMT
expires
Thu, 09 May 2024 08:50:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 8BA2 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 08:28:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 08:50:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 8BA2 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:44:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
50743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 May 2023 18:44:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8BA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COdmTz1pbZI_CN-Wi7_UP3pCrYPnk6sVtytWDmNMMjdaFmYAcEAEg0syBGmCV-peCrAegAbC6odcDyAEJqQK4Sb-1M2eyPuACAKgDAcgDywSqBOYBT9B-8t1OzaBEVnyhqpY0cPRsrLYaTWbLKRqRgYFnTNUMEyexLSghTt-XZKigbv4mzCEX63BHexJX9_TVv_IvX_4dZpeNAGPgJmf_RisSjy25Odh-iThl3Dz0XCE_4958eplQ0sAsPNRtEvrS4Fa1o7aQhqqxdcGlm6YdCPROMlYuF0Cyk_6zpa5mrpX6SowWWoaa_tKl4zK3AwJxXFotGOqacdozxH43wc2k4Q6jcDCvX4MMDlzE-9o7rrXj9bTzpGs4bCTpTNdrWwyvXW-M56FF6-HlGNijY3qWEO226jygI5cAtBnABLmr_eSiA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOfMDdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=LJ2EngOG2sA&uach_m=[UACH]&cid=CAQSOwBygQiDMNG1ZFNIGNpTm074D77zo1sg7M9_wOmTLquc-Hx034u5fEwlH6Y34NXq6MHGLbYV5eqZHLUfGAE&template_id=494
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/ Frame 8BA2 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/abg_lite_fy2021.js
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
9540740394202920180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 08:31:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 8BA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
11367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 05:40:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 8BA2 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 18:42:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
50856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7958
x-xss-protection
0
server
cafe
etag
8677084837583379376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 May 2023 18:42:48 GMT
l
www.google.com/ads/measurement/ Frame 8BA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-rXAPVEO4eqTkfUIVG_k3jade6MVCJG6UBHVGSa-yCBpCZBCnhzd_BHRv4eNgsxDn5ldfW7FP29qyL1gMOPl0kSY-UQ
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8BA2 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:24 GMT
fe5bb951bcb64b0813d5b031a6a87c6d.js
www.gstatic.com/mysidia/ Frame 8BA2 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fe5bb951bcb64b0813d5b031a6a87c6d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:46:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13644
x-xss-protection
0
last-modified
Mon, 08 May 2023 06:22:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 04:46:40 GMT
truncated
/ Frame 8BA2 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 8BA2
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
  • https://tpc.googlesyndication.com/simgad/4091503581208051288
107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4091503581208051288
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 14:59:09 GMT
x-content-type-options
nosniff
age
323475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109931
x-xss-protection
0
last-modified
Wed, 23 Oct 2019 12:45:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 14:59:09 GMT

Redirect headers

date
Tue, 09 May 2023 23:21:05 GMT
x-content-type-options
nosniff
server
cafe
age
34159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 08 Jun 2023 23:21:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7BBD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Wed, 10 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8BA2 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a6b870be226316389ad9aebdf7b28dae75187cba9ec863595ae911c1e94eca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOECMzfj-tajEp3yMORgI4&google_cver=1&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5ORsSEdblOxw1hNWAp&google_hm=II1KdWjITBmB7huvzsQxjoU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5ORsSEdblOxw1hNWAp&google_hm=II1KdWjITBmB7huvzsQxjoU
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGN7VvVzu-5SQGzA8PPEUP2PqYLE5W1KqjUASgNCEFxRUNfkF3fuaBv8PzF6SqTSkBfAhTjHQk5ujZ5ORsSEdblOxw1hNWAp&google_hm=II1KdWjITBmB7huvzsQxjoU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF0wwuSamXiuvujgBR6FBn8&google_cver=1&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0j...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhIR041N1ktMU0tNEpPNw==&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0jrAqPFOqSPXbzhd45IobfyjHDF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhIR041N1ktMU0tNEpPNw==&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0jrAqPFOqSPXbzhd45IobfyjHDF
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhIR041N1ktMU0tNEpPNw==&google_push=ATf1kGOI8Sy2RxjIxdkMeUttGUyrkI-p7NdCzSGNirigQgVJUj_Aia_tS43bxNVF049PXbYVn0jrAqPFOqSPXbzhd45IobfyjHDF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEA-dtjQQz9-2PseYDR_OBvQ&google_cver=1&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEA-dtjQQz9-2PseYDR_OBvQ&google_cver=1&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ChryI5lUTmymdsm7MiQ_7w&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1do...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ChryI5lUTmymdsm7MiQ_7w&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQH05LcN
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ChryI5lUTmymdsm7MiQ_7w&google_push=ATf1kGPDV94GwzPysCDRy8fIy_d_bTt9LXGl88Ch7rmcqhxyUDI5BoMR-BxwLh2ASU1GUpDrKlPHC_gn0fqP1doypVvKXQH05LcN
access-control-allow-origin
*
date
Wed, 10 May 2023 08:50:24 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-40459809-b679-4d96-8f44-df4030acc15a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNkD29n3eDcrMm_DacRA...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&google_hm=A0BFmAm2eU2Wj0TfQDCswVo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&google_hm=A0BFmAm2eU2Wj0TfQDCswVo
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNkD29n3eDcrMm_DacRAROmltbglImth7is6uuYjYiv0WdKyGIGTZwclfYoKE4BTjHtUgVZA5DAJaYYgqALVMXcdIXBcO8v&google_hm=A0BFmAm2eU2Wj0TfQDCswVo
date
Wed, 10 May 2023 08:50:24 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX40459809b6794d968f44df4030acc15a003
content-type
text/html
/
onetag-sys.com/match/ Frame 7BBD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAfC1Z4D-50wRGHcghb642k&google_cver=1&google_push=ATf1kGPVj3sXSy5jDBZwmdjqLP26z3WpurQDL8Y7IZuEQ9pbLdy1KEb-nd_rtXjebKnZzdclRjfTAl1J7Tc...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPVj3sXSy5jDBZwmdjqLP26z3WpurQDL8Y7IZuEQ9pbLdy1KEb-nd_rtXjebKnZzdclRjfTAl1J7Tc1Vo4PF-bAOi672mug
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENSyokv3fTDGeDJ1RlymvK4%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU5ODkzNTY5NDcwMjA4OTcwOQ%3D%3D&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU5ODkzNTY5NDcwMjA4OTcwOQ%3D%3D&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2RWtrOuIBdrN0Ost-NtIDU8Vj-NOGStUrwSN14NEuG1p9jTEg694Vgt2SVWJ7933hzuPTw
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 10 May 2023 08:50:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.133; 138.199.38.133; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b2faedf0-8143-4353-8778-f6e145b124b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU5ODkzNTY5NDcwMjA4OTcwOQ%3D%3D&google_gid=CAESENSyokv3fTDGeDJ1RlymvK4&google_cver=1&google_push=ATf1kGN3UV7uSD1V3O3DY2SZVj3qObcp2RWtrOuIBdrN0Ost-NtIDU8Vj-NOGStUrwSN14NEuG1p9jTEg694Vgt2SVWJ7933hzuPTw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7BBD
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECgJlqMgN...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECg...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6cc06c1-0005-49a6-9704-838c78779f94&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6cc06c1-0005-49a6-9704-838c78779f94&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d6cc06c1-0005-49a6-9704-838c78779f94&%%GOOGLE_PUSH_PAIR%%
date
Wed, 10 May 2023 08:50:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7BBD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0FRNX7lQY80YEQOEpTgP1-VjFnR8dWMDNqnEJEO8RF9sA-T-e3cs8bkrno8nXqRieZTTRHrT3
Requested by
Host: 445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
URL: https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8BA2 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
301608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F9E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305050101&jk=628435908245916&bg=!aWqlaj7NAAYV_mUANf47ADkAdvg8WgrJ9nJ1CaKBuqCpcVLeoWF815IT6r2uFeKE0hiiuySlcDXw-7BOadnevq_DUHsOFNTCVrgCAAACSVIAAAAFaAEHCgAfgGxjhV9kHBnBZnYibqoPgj1BHSC8tH7jhei6KU4Xc5kC1L8ZtTv-J9tCDNTnkRdGG0UQnWRIPyWCiAmmbYxCMZ8Ug9sblOR2RR2rc2CihrR70o0SDivm_GQ_gE_QiINOGDgZLCDlmatrjwIgzM3rTa8KK5Jhha7bTrhOKqs3_88WLG8BL-mf5rR3-eoJGi7SL0u5gPLvP2Zr4kQ_PJg-JvkOe9xjwRB1vuWsWcQ55DxqbJPEMduvD56uIWQrpKs2Og3sDdcoFBr4h8-m7w2hq9hHTtgRgv5BOfSSp6xei43oUczAqX1yNpjLzaNRA0ymN20Gaul265ksXz2h2kHB7q2FCaxwxTxjFH8vtghCSq6LjmnKDmKraMW-ufTexdwdsokkt3zxn4RHQbTe1h7Drj5kHfr134o_TuSDiIi4HZrasWl3Esq3S-3T0ixEePCaJrmtHPqcQ2S0CuztkkqNgu3_MCfH0aLLa_3E65ch8HBmrZp4SWA4cfoUzViVudrFCZ0cDNAleReSAT36GwJPJRy86wV29jzyI-cpvhsSYANbr80r8XgA99_QbF_-cn0MAlcOCTouiuyQe9VkE4rgNkijKcdryVYh-r82OYwryee030Bq-qoogDrjEi2xLyW01avI29aZ96gwrElwuI20J8mc5K9JpvqQunidxxEABtU5-ESA3Ouby72S5lQTYJtSz6zMk9OOQW_fx76MZZwgtaAIcQDisCMNH1zIXkbeikUQjBIW7cjqmR5kkRcoA2jdqtqBFNLcai1on_IVxcZNyxG2SX255QMRZdQWgOYMqiLbKgg6UlfM07I7zNIi1EcBYfu8XqQy4fLumT9q3erqk_M0S4Esni9dFHyBJ2sWn877fEeRD54TD6Lp2P7Pj-VLcz85O7MYNpKKyRNEhUK-s8tOmQssCVEu4jf03XfHHScywI73jROZI5W3l_SI8Kd9lhPexcf2grUUu7s88pyoF2t0GUf3Y-Mr1d6QRGpgsydB9zdBcTo
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame 4D76 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
54988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 17:33:56 GMT
cm
t.ssp.hinet.net/ Frame C053 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV&mp=a917f705-b084-40be-a0db-967899e73ffa
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/ Frame C053 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net/pixel?bd=a917f705-b084-40be-a0db-967899e73ffa&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 7820 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305080101&jk=745754029244919&bg=!wsGlwZXNAAYV_mUANf47ADkAdvg8Wn1O3LjscFVCBxGIGKTbbirJWHoqHkWSXm254-qx-0w2HAGPq7Y1zH-WsF_dmcRWnlDbDyYCAAAAuVIAAAAEaAEHCgBPnhmZMmAXaUUrpKOD9WwrEQVJ9-baYOMH4vjfeMLF3mnLD49Au02v6pvXiv2enPDOaGV6KJaHRb4pKoAK4GLw8n5qrUWeWZFd5dai3ua-w5kC9XfSx5GnEUcWJV0QGYqDqPKiCLK8s6L8aOdYNnYwEnkoOnlMUy0jqDYahBta-5F9dU9Za61uFLfQ62XcU_LR33cPVLtIKaEL_X5-VKb-DjgzXmDRHRszx-QiFLN6IkLvdmCxfeWej_0zDcmdh1zDMLrMGIlMCApFAM6Sez3G9p8a9PD7QP3_DlYAslMsGpo1l4PfCo7-5iQ5LYi_DUS2HMIf1Zw1a1gXWxbuDbREdxM1s4sDyVJ8DbxpTeRj8TyegsyBJEAH5da7N_kJWmJ8YuZ1mm6_SjvczY5OuOLUMjVdUkMF61aR-Kbfuj10I3zdaLJki8F2uyQ34hDPiVWvTqG8UTlQS2WvS5pnx2bo3Yjfy4V4GLaJ24LVjuoR6XWnh10UKIFSq9gFp24-AZ17FyhuiL_w9Gkp-oOgnKRPR1ZAHbGbrBImPjeOW9YBhC8ZeLMHJNazXk4lgKXc71S-x8o-P2GCnpsqeQJ6opHF-PK0JErV18-qPOrVyF6bOEyLVeSi4B1Kfbp1eDE-27JIRsYcFROsemQZGKHJvS-MO3bJcrvnRFmEvk1qSqTj0Toc_9pV7c8dD_fxUOSE0GBj0i90H3Tj-qS-Rp_A9PXB7IaFhX1zntsae8FTug5LgIZV5BEUU15dMIi0yp_GCxVcWn1RPkrBiyQPXzucO4yfFty5eZap4I2K76fToCwU41e4k80sQMPYtP2tKyOVycjD0JLknejCngzPl6nOmap3YV-JgOUicJyUS5dC5HCGvGmJQ6I-5fYrULogUOKVJAtNZuCTrXlqFofXRBm35E2RPYdg-7jaCLht-Suxkt2Ed6Z0tZgOHwbVlw-jEX2dxYuUanID6fAUEHS9mAJtfArrHGPafVG4hZ8pRH0XjN8txL2jMhLA3FYt-9brFuDRps1hMaJHyOpNHwV596IX9It5mkKb49f6RBuWrDm31CxERmV2vbpzRbeONo1oRcKRwYVD1h8CAT885lJkwSS-CdnlJy1oMqQ8Ns0
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C41D 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f408df6b616a0868451e1a54b9f56c733c7d9fb7878c186058a3d2141f6e1eb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24951
x-xss-protection
0
server
cafe
etag
931 / 19487 / m202305040101 / config-hash: 10283026373551537385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:24 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ Frame C41D 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 07:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4097
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127480
x-xss-protection
0
server
cafe
etag
445900462459606666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 May 2024 07:42:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame C41D 		544 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
expires
Wed, 10 May 2023 08:50:24 GMT
integrator.js
adservice.google.de/adsid/ Frame C41D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C41D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C41D 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=719151556475339&correlator=2393422993383593&eid=31074303%2C31074368%2C31074370%2C31074475%2C31074438&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1254560718&sfv=1-0-40&sc=1&cookie=ID%3D79181be60e5a0c09%3AT%3D1683708618%3AS%3DALNI_MZ6CBJgD1WylbkfdV401rs2n9_Zmg&gpic=UID%3D00000bf8cc29823a%3AT%3D1683708618%3ART%3D1683708618%3AS%3DALNI_MaXNGkc3U1TZkgJVlwGIivr4MxizA&abxe=1&dt=1683708625012&lmt=1683708625&dlt=1683708624858&idt=117&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=u6g5p71vrui7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=6&url=https%3A%2F%2Freurl.cc%2Fo0kM9q&ref=https%3A%2F%2Freurl.cc%2Fo0kM9q&top=https%3A%2F%2Freurl.cc%2Fo0kM9q&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1234105094.1683708618&ga_sid=1683708625&ga_hid=1462968555&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29fa779676caa6b28ce26183819868a90ce730d7f6db56bedac02e95ff4e5789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10584
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C41D 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
085ad122a3476ffc6a2b99ab2aaaa95e55690624a05f74a86cb539c3141f4fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11276
x-xss-protection
0
container.html
2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 186B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:25 GMT
expires
Thu, 09 May 2024 08:50:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C41D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 08:50:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C272 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 05:40:57 GMT
expires
Thu, 09 May 2024 05:40:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 75B5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
835f1396320171a18cf4bba1e9b25da3606fceeab4896e71fc3db9399040a30c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F3ZXp6HFqes1cv8VUIIDeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-F3ZXp6HFqes1cv8VUIIDeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 08:50:25 GMT
expires
Wed, 10 May 2023 08:50:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
pagead2.googlesyndication.com/bg/ Frame C272 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Tue, 09 May 2023 17:33:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
54989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14734
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 May 2024 17:33:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 75B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305040101&jk=719151556475339&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame A279 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu4pZXpFnqz41UD87-R5h9rI121ddN7NrEdXorc3MHDEDEEb4DV6vOog2SI-lIZ1iUxicujkhc6_aSuviTgFlcSXBRC3wK-qbQIuV-h4YQp2eYO-K89rAYJHRKcm5M7ePUdCLuo6MxfGHEOAVDtBx9iEADkVtw57DaQ130dzXY5YiucKff5Q3-bO1FNMtGIidTktPL2b-nUnSOCewjQhIdCbF0gotBsRHaIh24NpHUPWCKAmOnpKzK7wpunWVsRNS8SNC32q2iwfDPDfA7JIJzxTq8LP2qDm1uFIlaz8zrqFWmoF0Iif8efRtm7Ffws9SF_gw4UYyI4yz-QUdh4K-M9Df55iEZ&sai=AMfl-YQ1MadnCvJRdQv1dE3pYC2U4M4PHzNzE6eodGliprNIkLjAtBUr-dntT3l24-XXMDvUA4bk5au_3uGHkJgayI6thyfgHOZ8MMYrYcj7CHWWgTsd1N0amhBHtKUPtQ&sig=Cg0ArKJSzNpH81pdhkyhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame A279 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
Z6JK.Gb8ir05GRaM1kobvmatThcknVQQ
date
Wed, 10 May 2023 08:50:27 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:56 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
x-amz-server-side-encryption
AES256
etag
"6c37b2eb5706a6225b62a75a80493f4a"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17750
x-amz-cf-id
nzAVi5jVzeqMr4TB0Tlygb28O-N5msLdaHKKiEtmxc7SqAvRStosVg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A279 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 08:50:25 GMT
truncated
/ Frame A279 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff3c199c3ed4ba7adef2cab07a44fd8c351972e5b0e1da42ef5a42b0c83ca1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame C272 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PD46Mg
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:50:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8BA2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSyWKVovelnxXDPgfgeIghHXWu4zkdSUqgM_KihFpkBEo29mZNgqLyAJEbqj3RFPgPyvKMoY6-j1wCXu_z78wIn6CPacXiwF2XADktD9m5uHBwR4h25CWlA5bLy4gLZJyb9fsG_-TLXTmj1a0q9N8UzpZVThy4fyJo&sai=AMfl-YRomd3Mqauyz4bbH7kvVJ3YvEOIHdnjgxZBjqT9SgbMZbm4QB7XF81KEPndlzus4XsWEzUZHKy7byTpsYdUGAK_htQ12NJgd8d16gLeWf9gGcatoyFlqkj4byc&sig=Cg0ArKJSzL_0iJGH9z-sEAE&cid=CAQSOwBygQiDMNG1ZFNIGNpTm074D77zo1sg7M9_wOmTLquc-Hx034u5fEwlH6Y34NXq6MHGLbYV5eqZHLUfGAE&id=lidar2&mcvt=1000&p=108,270,358,570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2474970467&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683708624293&rpt=199&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 08:50:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C41D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305040101&jk=719151556475339&bg=!BgWlBVHNAAYV_mUANf47ADkAdvg8WrVYtHh8Khkqe15neRYYOKaTwfdc4yszVJVSX7UZCOC2oskZAhiETjUh-F_NhD0-BipsIsYCAAAAn1IAAAAEaAEHmQMB9efrB2Hn9y3sNVSWeS3qhcSFPBzpi2Lja1ui6g8KJsqOmC3hAOxzTcH5RcvMBLm0CtjoJbjJThit0VT9SG3Kwzus8T843AtYLWxVNwhbcQ20f_2io5aL-W8b7fFQaiDgSaEjsDNqqKxwdJOusTuxuBWIB9Z5rrNd1dl-R9HCv7-kQHYFlP4j7WbkIEIWF5OL3gs00g24BGhBYC3uIigDo1IeY93ZMCiclqKZTdBt0No7xizpA5XYTkRKlDTUE9mHKhSIPfed3PaMwzaCxsk-t5JpkzN82d3a2WFvm6zPBZjIISTa1RN1Wc5la8cu4U1uYEO0m8XuKZX5VDMUVsEwP2ofcLaqd9TZi48mZglU8PT3TCo8QxHmzYQovEW12goKe65loJ_-sgKzlGiYQlGPYxR6gWaD9DLW_GPicmWzrzUAXNdSP1d7ZK3Rso-A1oX5bTTvRAh-C5YI8X8F7sBoyFWj14aF0gR5NNMZo_rwjJivQxHt3Z2VkvcYA9QA9fKb4ykQja-MFXPhWo2W6SF92EPQxQmk9idiAbKFiUVd7CW0Pac7VhE-BsARmQovzaMfpADO8SMluBzcDPz2ZehbY16FhybukOTPIwlWx9LVufpgf2EQwkXkFvjZCmBtO0Gf7D4_pbXeCQO16mML1gmnUEmJZuxoL53tM5AIpIOIxELbpdMJhYBmbNiUU13eYke4ZlVKRvRFAc0Jc6FQk7vU4xkG3x0twp_B2DIfwfQdyaz4Ig7Y9Qs8_ZPZ3WAzDfz_uNq6stmg2ImysfY49v-L12wK_OrIcQFXSCt7qVkf3z2ttHBLzt-2tCcRSJHG0pRXGEugeSq4DjXGLaMpv9CAENLpXrCEntCzlGAHZ_hUrCOYlCbAZAfC2ZAHPGSSRh7lfDjUV0tcgVNpgbeYU133kNeRNZLsQY7C6MF3IESEDQJjdgFdmRfIQcFOk5zM-X3fPm8FNXrXAI7DcW8wQMgBk9Me99r6P2BDAq8aTyDZatlvnd7KRNhJ1EgzBvOgga_O2A
Requested by
Host: reurl.cc
URL: https://reurl.cc/o0kM9q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers
create
referer-log.holmesmind.com/api/v1/kinesis/ Frame A279 		0
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 0436 		0
0
edmp_init.js
cdn.holmesmind.com/js/ Frame A279 		0
0
presetfn.js
cdn.holmesmind.com/js/ Frame 0D4B 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24de::e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

x-amz-version-id
M75PhCgr4v11XCDgTBz2oJre7BG6fUhW
date
Wed, 10 May 2023 08:50:20 GMT
via
1.1 6facad9f7e9d7675fd5d35a1551a9ff2.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 07:00:54 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P4
age
14
x-amz-server-side-encryption
AES256
etag
"fda6a78844e1e6ff9ca3f87a43daaa6d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
15489
x-amz-cf-id
_SN0Z6gimdxYPq-5VSapDMImLnxP6IJL6HakzBdrt0Tqc_Msl3K0Wg==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 0D4B 		1 KB
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b800:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.53 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:46:51 GMT
content-encoding
gzip
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P2
age
215
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
B5fcbNnHP5N5z5igM_pXpspahfL0TlhRxR5kV-WatizdLQ8HuRc6jA==
ads.js
ad.holmesmind.com/adserver/ Frame 0D4B 		0
0
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0D4B 		0
0
publishertag.js
static.criteo.net/js/ld/ Frame 0D4B 		0
0
criteoV2.js
cdn.holmesmind.com/js/ Frame 0D4B 		0
0
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 0D4B 		0
0
appierV2.js
cdn.holmesmind.com/js/ Frame 0D4B 		0
0
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 0D4B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19487.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1007466523&__s=%3A%3A5kp9ik&__hsi=7231473450385621821&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw6awZwaOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwiU8U6C0L836w&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
referer-log.holmesmind.com
URL
https://referer-log.holmesmind.com/api/v1/kinesis/create?zone_id=14210&domain=reurl.cc
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/edmp_init.js
Domain
ad.holmesmind.com
URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2Fo0kM9q&n=770&o=1&fc=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&d=1&b=2&ts=1&ii=2&FPCK=2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d&fp_uuid=2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36&initver=230331P
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.js
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/criteoV2.js
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/appierV2.js
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/appier_mainV3.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| Scupioads function| hasOwnProperty object| scupiosdk object| SD object| device function| sitemajiDebugger object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| brWidgetInit object| truvid_protected object| hitag object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state

45 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1683708618.1.0.1683708618.0.0.0
.reurl.cc/ Name: _ga
Value: GA1.2.1234105094.1683708618
.reurl.cc/ Name: _gid
Value: GA1.2.2059435902.1683708618
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1683708618567.323625289
.doubleclick.net/ Name: IDE
Value: AHWqTUnaaUlJ2lVoevEmI4YpEmy9FL4ZYXjhw2URBE7EVj27TbxKMux7SyGv2ssvudc
.prnasia.com/ Name: __cf_bm
Value: XOI70iXfFX3GD.tFV5X9NjuHrHm2VysxXn4wG0UnHik-1683708619-0-AWzxJJwRFiOYj5rk+BwT10IUEGPtMBpUMkbvNvyCncK81NTQRaxlFohYQTwHShAKihwh8IwEfuu93mIi8LyOhbk=
rt.ad-score.com/ Name: token
Value: FDZAmmPKBTnxl-lw28-wKhBXdqWWzcrC
.hinet.net/ Name: uuid
Value: a917f705-b084-40be-a0db-967899e73ffa
.reurl.cc/ Name: __htid
Value: a917f705-b084-40be-a0db-967899e73ffa
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: _ht_a546ca
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: __gads
Value: ID=79181be60e5a0c09:T=1683708618:S=ALNI_MZ6CBJgD1WylbkfdV401rs2n9_Zmg
.reurl.cc/ Name: __gpi
Value: UID=00000bf8cc29823a:T=1683708618:RT=1683708618:S=ALNI_MaXNGkc3U1TZkgJVlwGIivr4MxizA
.criteo.com/ Name: uid
Value: 319d208f-8c9c-4750-8035-10969e369df4
.scupio.com/ Name: fxc
Value: 1
reurl.cc/ Name: CFFPCKUUID
Value: 3997-V45emHtYaNPesKpjWlesvHTROEUWkQ0Y
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 2847-QvRdxeNfcHm4oeesPyP3gFEteE7tiL2d
.reurl.cc/ Name: FPUUID
Value: 2847-f8d595890990b202d278b9424ae622335cbb6628d3be58daf2d6e04f1b080b36
.scupio.com/ Name: gx
Value: H4sIAEzLW2QA%2fxNmYGDg4uZ4cKXx5ebzL6wFWIVYOOwFmADW9GkZFwAAAA%3d%3d
.holmesmind.com/ Name: Vision
Value: 20230510-23:59,20230510-19,20230510-19,20230510-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 793072-6uPFUcbIqJB2njtqqulrb9Zpsw0KOqGV
.scupio.com/ Name: gxc
Value: 1
.aralego.com/ Name: sspid
Value: 4c7d0136-7929-37c4-be3e-ec2f37f0e7d9
.scupio.com/ Name: OrgKeyValue
Value: CGA20230510165020907155
.reurl.cc/ Name: _ht_hi
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBM1aW2QCECCBHl5_Anz5O1cVBgrNxHQFEgEBAQGsXGRlZAAAAAAA_eMAAA&S=AQAAApIVZsdL7ImxRTeAj_g2WkE
.c.appier.net/ Name: _auid
Value: ySVu1Xd3ASaChGomzlpbZA
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bidswitch.net/ Name: tuuid
Value: d6cc06c1-0005-49a6-9704-838c78779f94
.bidswitch.net/ Name: c
Value: 1683708624
.bidswitch.net/ Name: tuuid_lu
Value: 1683708624
.ctnsnet.com/ Name: cid_208d4a7568c84c1981ee1bafcec4318e
Value: 1
.ctnsnet.com/ Name: gid_CAESEBOECMzfj-tajEp3yMORgI4
Value: 1
.adnxs.com/ Name: uuid2
Value: 5598935694702089709
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-40459809-b679-4d96-8f44-df4030acc15a-003%22%7D
.360yield.com/ Name: tuuid
Value: 0a1af223-9954-4e6c-a676-c9bb32243fef
.360yield.com/ Name: tuuid_lu
Value: 1683708624
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-40459809-b679-4d96-8f44-df4030acc15a-003%22%7D

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02370b8c7026e2b0f1d212b2dd1e5be0.safeframe.googlesyndication.com
2a5b4833352ec5d148941f854e189e31.safeframe.googlesyndication.com
3cf1d8dd06247e1188d25ef7bb0a7180.safeframe.googlesyndication.com
445c7de659cff2a9d2bc814c439107c5.safeframe.googlesyndication.com
908720a3b42788c864e2b8e453bedaf6.safeframe.googlesyndication.com
a917f705-b084-40be-a0db-967899e73ffa.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
anymind360.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cnt.trvdp.com
connect.facebook.net
creditcards.com.tw
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
go.trvdp.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.scupio.com
m.holmesmind.com
match.360yield.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
rec.scupio.com
referer-log.holmesmind.com
region1.google-analytics.com
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
sync.1rx.io
sync.aralego.com
sync.targeting.unrulymedia.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
ad.holmesmind.com
cdn.holmesmind.com
fcm.holmesmind.com
referer-log.holmesmind.com
static.criteo.net
www.facebook.com
103.132.192.30
13.32.99.3
13.32.99.7
142.250.185.162
143.204.215.89
143.204.89.50
15.197.193.217
151.101.65.55
162.210.196.208
172.105.221.240
178.250.1.11
18.200.127.67
185.89.211.12
192.0.77.2
192.0.78.135
192.0.78.236
192.96.203.13
2001:4860:4802:34::36
203.69.60.96
203.69.60.97
203.75.214.136
210.59.219.181
213.19.147.44
23.212.211.47
23.37.42.132
2600:9000:2250:b800:3:1794:2540:93a1
2600:9000:24de::e06c:e940:93a1
2606:4700::6810:fd04
2606:4700::6811:180e
2620:100:a001::18
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9c
2a02:2638:3::3
2a02:2638:d::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::485
2a05:d018:d29:3605:fdf6:466d:232e:738
2a06:98c1:3120::3
34.102.176.152
34.149.120.3
34.95.67.231
35.156.89.16
35.185.130.121
35.185.136.122
35.186.193.173
35.186.215.140
35.190.36.98
35.201.76.93
35.208.216.174
35.227.249.156
35.244.196.223
43.206.25.0
51.89.9.254
52.196.80.88
52.197.3.36
65.9.66.43
69.173.144.139
69.173.144.165
69.173.158.64
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
02b0fb673a3e6b1bbebc75b910496206c0aecf6f90782e72fb1a319c91390aaf
032ac2738c9a3466cfeafb0692fbc1f83aab781d04602588c270f0d8a5a4f49b
085ad122a3476ffc6a2b99ab2aaaa95e55690624a05f74a86cb539c3141f4fdd
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
0d286a87737ce10b4d9d59c7559319f7e941aa6578c497c3f09b54308079f0d9
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0e7ae7978e9374bdfa25d15aa5622977abdd1a1844f24d5e4b98da369f03a2cf
0f15cc4cd8b473731e005ce00c1dcbda3d2bc464bb05f8838eb9c0a5991323fb
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
1205eeb6d4ecac66e4aaa55d1c67964891de7ce10a5af8d41f57397529dc963f
12bf153fa82e96952391d98784dcf74e4ce28353a02d0f9cddc88bee0a98b6f6
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
191909daedb34baf022f6e858758a9eb6a954f4205db65f1f8e79bb8a1747ab4
19b5717520dca15d78eab5b157ebc21a9c4fa01fcaf81de1fc47368691be4743
1ae126c4d0b642d6408e2fe2987ae44530739be7afd592de717330826359dd05
1bfc2e2068ee2ce434a9273fee1accffeeacdad69ce3c220d9daa5fbed639a62
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
20afd36026d6215327cb696bc82bf62f8a9275c2bf5929fae4d65f0c20f3f1fd
247c7e7682de3fcacadc70efbdeb196b761ca496843295058ab3f1aa0abf8389
25416120818605e620362a60ac860c8ac3642d1dbed1d4e8a68fc33facc9afee
25d4af745432f8e083a866ab91fdea004f4fa647c62720c5a9ccad702d5b297c
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29bcdf32386c24501a2c009a965eb49b179eb5b3d3271d00d110bdf326e68c39
29fa779676caa6b28ce26183819868a90ce730d7f6db56bedac02e95ff4e5789
2a6b870be226316389ad9aebdf7b28dae75187cba9ec863595ae911c1e94eca1
2aeef005480752a3d08a34baf081380b8a21fa73a19f3836bc54f37a9fbefc7e
2c01d866f121ed8a84a1a9fd0ace431a7adb59898544940b406df1909dc60427
2e5abf2e9f21e9e0431e2d8f6b3b27bd5922f522c534ea519bcec87b40e64d04
2ed4e5d75a55369e7f69611af38ade2e22affa5844aab9c759a19c6d69e03733
2f14a0de8294143517f64c5df008140880202baed6e5fee89f7e50b528f92b68
2f40eec74eadfe630474d2e05285e9c8a8aa47eb1ebef18c176422f11709f3ca
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
3464ee934f5f50d54db9567cd54320aa259dc2f8089c8dc6c5c9ca0442fa89b9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3686dd034b95dee98b08d0dc82b0250a8c852142a11f5b21bb67599aac220c72
36f09ceb25af8bbf8606d7a202c581652ef4e3fa750ac38214c17ec2fcaa99e2
374e9d8518a7b50116f49afa5080d72fee48d9d82dba1948932d15134a341c57
39a868cc138b7cc9574193f69e769e04edc922134b24d0535ea909432dff0ae9
3ad46e47857ff04c1ef14c3c93e5b7534bdb42bfd8e7356891fb62c2fe3f7446
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d9a612f852ba9f3564e53516bcd21b0283341c3b3655c3f439f2e84bdc4faa2
3f070302c2828036182da439c7592ebfcf3496a1a93e68e1da13e757e5b0fd2f
3f69630ede703f500c5dee83d1cf15469265993951d2397c134da8f60af3cfdf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4598aacc92f06a61ae939c7190912dc237228d726c0651932b3f2a06ed4faf00
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469a27a5bd460e05dfee49f42dbc0272fba339852731395328573b311dc173c1
475842a40aa11c2148de039432cc4addf6c8c1f28b76af91f44d66e64c1f33c1
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48d6839e3e3304dff530f2cb7e70764108aa6db49f20c5c7cec01e8fda7dd6c5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
4970577cf117b038931112e0e6b702395dc14b5bec9d93729fde89d17667e97d
4a30d49710e9c49ef9651512529fb7422c1666e353a9e31ac508a69e8fe87550
4c256c062b9e79df621df93e3d47017fa2317985efcfc829ff819780fee21fb7
4c9692bd2f42e4d4dc362f7ff2f5f99651b27c0289f60e1a8de4ffe51bf78c3d
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f2550e7b2d196012cba43a5342aa57a7a577c7b212f0f168be54b0ba7ba90b0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50f1e9fb7e043b6cea564efa5f71a24218e8c3ffce1a33587007eafa8613661a
51646fc33f9da007610a2064f0668034b80e3b7c25dbdd74f1d5c5da5ee55a96
51921cc9790138c4c5bdebded2b985851dcadde426dafff65fb90da1a43fa97a
52439a5dcf8bf6fb26966a7822072ddc0257dc963f302a9d5c38ac4e775af8a0
527562c5eafdba582d710aa4a87b5214e7a32a224ed12055c345e06ad4029567
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5440afdfaf6cb07a005c0a1a556fb14d1915e0f7c3cb9d13056cbc782e344012
549a9c73a97392bd323fe69ccda4015bc15820b9e377cc99a2566da236a0b727
55453f9b9b55f7f30512bc52abd6e7194b1d7bde47f7ce8ed40c8faeddb9973b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56baa57e0239dcc012df1180ca809db66046e9688510327b63c61a3dfc2aabf1
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
582c4235552c12c2645cfac538de11dbadb3276b9d133be514c4ed76956ed34f
5c52f9af250bad11669abb45bbceb8087afd5d74b900f141ab275d0e2a68b4f0
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6169c57175685f7c6a284bc39d065ddf7dc2bd0b62b459b25b92f2f8d689a5e9
61b3cb7a1724d28331a569948438c880ca387f663687a61828d6dc877826e71d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626ca6a5c8ffad1c09b52f1e27959674cbe23c9cf526e180e5115558c9b5e2b4
6331282d1fbd0c91fd08bbf05c8849a1d5d0857599385931fe8cef4d586d9e3a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67988687e1abdb7513a40ec60f8ed45c834949e86c1c9fa76983d00590ce0da4
6b554798adaf5cb8c2c6f2607f28041ccb952a5727fac5ef07aa1024cab81a74
6e0af4ff8d2333101980b23d267001b561f516ae318379a6e7992b49640c0ac0
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7964ed6e6e2e6a48d95d19d05efd72d7c68292e0a79be8ced36af27edc7be2bb
7b366c506ee88c74e2c8b5605c596afe360f054f737099053888afbaf342ad80
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ff3c199c3ed4ba7adef2cab07a44fd8c351972e5b0e1da42ef5a42b0c83ca1a
81a83ad8c65b893ec909609444e653b7e0be9395ccf59016e03284e0d1a13844
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f1396320171a18cf4bba1e9b25da3606fceeab4896e71fc3db9399040a30c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8653875c23467140d5fb1348d8520a8aa0ea0cf95dc6997c506a5c26a7412f06
86930ec4b1bb739f8d41a0c0e9c923999f9a00eea544b20c9bd1ec3b1314045d
86df418d759487f91b379ac929723336e45cf28b31395bb383bc4439b2150125
8804179d4455fb6e29325fe79d0f98396fd305e1de6067621c6f42e7054a7671
8aa2fd2ba5f420936e45859aa1a7bdd856759604a02f91e1cc67ece7faa7de26
8b20dfc629819cbd50f6e1875a263c09747b871b1bdd01e6be4fb97b43267fca
8c4c842b7e685fd6586e8fa1626d1c05ffa35063b89cf19e0ddcde88a03d76d6
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d2fcc495189430b96578537046dc018a8f35ce50167af818560d1b032c4b201
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc1f8352569662cbb0e100fe0f7459cfcb0682a67bd50e5246059ba2e97a42a
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
9521562582cce8c20dc4e62e619a707d5484ee08f7ae6644888bbe19637afee7
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d86efc47e5f72d50883431b08ebc559e9ff4b7ab366c3bb10a402fcbe154f4d
9d9895d97a9e25133808d45a2ec3129f28bdf3652f97e24d39b74d6a8772cabd
9e1de442462626bb4aca6238038502b12d2a55b007d35fa49cef6eaa5698e2fa
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ecd4e7843f749e744f5385eaa6bb8e38238e2c8a46e9d4ef9b17fe81354532d
9f2aa6af4c0a4d80f08fb43a67de08fa12534cae17a1a1b5aa3a6b903638cea6
9f7bd306a36a6bd71f0e45a65367f0e48082255d89a849874c440bdf201a2551
a0b22701a98fe4d430b23700f66c6f11a7f2b6befb7d44b6b3fd0f34ebbc3251
a120875c161afadebbf66c1b61c70b771511dec29d4c897cc9707eabaf283dab
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b89af110a4f2fe1576ccbe0c16a9bf6890ed81cc04c69f9ec9f7bb41314b1
a6e574ac8407b2bc117178cac36692c418de322544cfd404cc70f9ca1780afce
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa205af677ac592a53862b9c2326e6d4c9710039f646487dd54c354e2f98952c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee80027210ae75f2e8fb3327baa7cb67340c226af488b7aeba254096073e4e4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1d44689547b20fc05e5a1c9918b1f9fff3081e6bd6228fafcdbe5bdd3f7b2ac
b390cf9c148f7e972f84f636f87848422051b694d25b4fa0f3c5c09e09b95a4e
baebbf8e46dbb8a4b694b287086d07bc4787261da8bc8c32920dc052ce00fe8f
be73bb089d3880699edb698c4dd5b45c89419e9d61e2666ae93729b3c579a230
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c066183e0175e164f9d69b02a4436696300dd687c7f32bf09978cdcdbf0a76ac
c311a11312e199b80645e0faf674b901a1b055da7deda8975871a9c903dc5db4
c363d8d02bbcf937db6da67eb083cb6bbbd416255901f974b2c5d59c0e6e1eeb
c3c61752fc7f71168a77f9e8b07724d982bbd5db22a9fe0857138b7a490f4aae
c6b59ebd31ff100d883cffbd16b2ee8a0ab2263c3e2372f2a5a8dcbc824f9a44
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cbb78584768f3d8a338e27912fa26ad8a44dc1b010f4625fceded9ac340865dd
cc5ae68fbb8773f73a078e1495306c471333facc8ef38376117d718dcf1b7052
ce6009784549f23bc40aad1f3d36249eaea5ec40bda20b7d6fde9d991ec5d3ba
ce8384b626fbf122bbea4c0a4b10efac44a5dc37747bfa1dabb1902b3421d377
cf52685901e43d4ef0f97c590cad9066e283d53968f835add3f9521528c61e8c
cfa20cf8b12f3337a7b1b32bfc78b5a12e994aff914d9a5216246df8e1a8fcfa
cfb9efc885f20a99b4de4a37da33b3d25262b880f14df6b13aadd0c3e3754944
d0c3b85d2174280ee750bcd7e490a38b68338a14daad6bedada0d42e03461c87
d1ab6b09ba601f19aa8b8a7902e4252158e7c938c3f09163079e026600c87128
d393ee22f55ce463605c8bd1f2180d1eae34e042463797945e7c30518542183d
d464da3ea767548eba585d8f21deb98208c72bf6b70dc9e9317c2b610dad2d30
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
da4dbce9f2433beef02f55a779004ac1f1bc8ed34d2557707fe77c7f6f6f64f7
db1596ab27328bf00f34bf03ba07f4f34431a273b4544186f6177d8e776dda53
db98a415b9c81140352c3d5cfdf0522c47b199a4fb206651bc1cce677f95a51b
dd9eb36d733db60322c2271c67e840033f5238abd49831792f6fc0e333d5ca6e
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
e0f15e25c33e40deccdfea8bcb423ba48b4bee5825ce90f463f35800f2200101
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527755186d1e662236338e946e9729165c70d428e433b0af4264aec7a2f0230
e7502670d6ba7bc9801375a17c95e9a01b68828e8f4eb6dba1bea47e78d8967e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e959f828018ed0f6df736ef5c5147b20c58ecf9bf998d92eec52db498604a03a
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ea305a5fd53962458bc3120e697f3fd174f35c7286ddbc7e63a34f4186390315
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ec2542dbd2c36f584f663ecb375d31c4395d93154ab994c3cca3f6b5330a90be
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
ec9c9a70f678595914a96276d728bca4c58ccb3e5829139cc08e8c4638501bf7
ee5dd0a4359b47cc49bbeaa01ee01d9ab77226267bc4999dce2331f35dd4b930
ee75ccd4f8f03b1183192e9b79898a7344958039be8a88d7864422dd8d2e1918
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef75043c121e8e3babf5d1eb1e1e740db401f7b0f698c5ab1c5b04ab0195a32a
f3414ea2767bf065a677b13f162601b28219f5c99040d26bb12a5717af67bdf8
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f408df6b616a0868451e1a54b9f56c733c7d9fb7878c186058a3d2141f6e1eb2
f4324875926c2de99a93c8da643403b868d0a7779a9a4a74ddd7c0844617f834
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5878af3044dd9236fc495c79b3e6b363d09c569bf128d5ed851bcffba1336fb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8ebe2eaaafd97f1bf18fab713d8d53e890c9fd0b09348c0a8d19c4d518b8390
fa3dbcafc6697c7220329a5fbf7769030b593bb42f70edc4ef844cc0edfa688d
fc33c22d4e5683886ae5bd007a5d7dc4550fc52149efa7dfb6eaab141f0022c6
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd7d71674381440c7b4e6a862f9fb2cea412eed0dfbb1907efcde7e072a08a91
fe3c06eeffb10add536e52ac60fb6cccc3ea545d6fa16231830de8c4630d4851
ff7752702f4c4c362f1eaec396e6aac8a0aadf3def7dc0817e558c60ce20f0c5