reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/
Effective URL:
https://reurl.cc/main/tw
Submission: On June 20 via manual (June 20th 2022, 7:27:25 am UTC) from QA — Scanned from DE

Summary HTTP 398 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 62 IPs in 9 countries across 56 domains to perform 398 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 220180.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2600:9000:206... 2600:9000:206f:4a00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	23.75.245.170 23.75.245.170	16625 (AKAMAI-AS) (AKAMAI-AS)
3 9	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
46	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	2600:9000:225... 2600:9000:2250:2400:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1 3	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
8	52.197.44.129 52.197.44.129	16509 (AMAZON-02) (AMAZON-02)
18	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9 18	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
9 9	103.3.63.48 103.3.63.48	63949 (LINODE-AP...) (LINODE-AP Linode)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
5	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	34.117.219.39 34.117.219.39	15169 (GOOGLE) (GOOGLE)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
4 8	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
8 15	142.250.179.162 142.250.179.162	15169 (GOOGLE) (GOOGLE)
3	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
4	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	54.95.78.196 54.95.78.196	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	199.115.117.82 199.115.117.82	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:224... 2600:9000:224a:9c00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
2	142.251.36.2 142.251.36.2	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	() ()
398	62

9 35.185.130.121 (Taipei, Taiwan) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2600:9000:206f:4a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.245.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-245-170.deploy.static.akamaitechnologies.com

static-tagr.gd1.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.201.76.93 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2250:2400:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

tw-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.87 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.197.44.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.96.119.68 (Kansas City, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.3.63.48 (Singapore, Singapore) 9 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.219.39 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.179.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.95.78.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.115.117.82 (Oakton, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:9c00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.200.41 (Catonsville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.36.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s44-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (None, )

ASN- ()

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	holmesmind.com 3 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 131430 c.holmesmind.com — Cisco Umbrella Rank: 99037 fcm.holmesmind.com — Cisco Umbrella Rank: 143768 adcdn.holmesmind.com — Cisco Umbrella Rank: 133649 ad.holmesmind.com — Cisco Umbrella Rank: 87281 fp.holmesmind.com — Cisco Umbrella Rank: 129810 m.holmesmind.com — Cisco Umbrella Rank: 235070 ccm.holmesmind.com — Cisco Umbrella Rank: 307467	269 KB
46	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 88598 5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net	33 KB
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150 c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com	584 KB
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 605 csm.eu.criteo.net — Cisco Umbrella Rank: 6838 pix.eu.criteo.net — Cisco Umbrella Rank: 6662	257 KB
27	appier.net 18 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 35046 gocm.c.appier.net — Cisco Umbrella Rank: 2561	4 KB
26	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 125 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283	205 KB
24	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507 bidder.criteo.com — Cisco Umbrella Rank: 739 ads.eu.criteo.com — Cisco Umbrella Rank: 6834 widget.fr.eu.criteo.com — Cisco Umbrella Rank: 15882 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8615 dis.criteo.com — Cisco Umbrella Rank: 750	137 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 265	294 KB
10	reurl.cc 2 redirects reurl.cc — Cisco Umbrella Rank: 220180 storage.reurl.cc	20 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	3 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17344	1020 B
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	127 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	4 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 613	2 KB
4	aralego.com 1 redirects ads.aralego.com — Cisco Umbrella Rank: 31192 sync.aralego.com — Cisco Umbrella Rank: 2588 Failed	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7295 www.google.de — Cisco Umbrella Rank: 5111	2 KB
3	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 4553	45 KB
3	lndata.com cm.lndata.com — Cisco Umbrella Rank: 172231	1 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 247 secure.adnxs.com Failed	3 KB
3	mookie1.com static-tagr.gd1.mookie1.com — Cisco Umbrella Rank: 42563 tw-gmtdmp.mookie1.com — Cisco Umbrella Rank: 353918	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417 Failed	951 B
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1278	1 KB
2	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 57206	186 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	694 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	34 KB
1	o2online.de portal.o2online.de	639 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 813	334 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 384	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 687	534 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	43 KB
1	smartadserver.com rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com — Cisco Umbrella Rank: 1292	75 B
1	alphaloan.co blog.alphaloan.co	274 KB
1	racingcharger.tw img.racingcharger.tw	184 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3432	38 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5553	1 MB
1	gbyhn.com.tw img.gbyhn.com.tw	46 KB
1	creditcards.com.tw creditcards.com.tw	53 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 555	5 KB
1	re-news.tw storage.re-news.tw	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	5 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 10130	724 B
0	bing.com Failed c.bing.com Failed
0	adingo.jp Failed cs.adingo.jp Failed
0	yieldmo.com Failed sync-criteo.ads.yieldmo.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	pubmatic.com Failed simage2.pubmatic.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	teads.tv Failed criteo-sync.teads.tv Failed
0	smaato.net Failed s.ad.smaato.net Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	media.net Failed contextual.media.net Failed
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	dable.io Failed adx.dable.io Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed ads.yahoo.com Failed sp.analytics.yahoo.com Failed
398	56

	Domain	Requested by
45	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
37	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
27	pagead2.googlesyndication.com	reurl.cc pagead2.googlesyndication.com tpc.googlesyndication.com ads.aralego.com securepubads.g.doubleclick.net googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
19	ccm.holmesmind.com	reurl.cc cdn.holmesmind.com
18	ad2.apx.appier.net	9 redirects reurl.cc
18	static.criteo.net	cdn.holmesmind.com reurl.cc ads.eu.criteo.com
15	pix.eu.criteo.net	reurl.cc
15	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net s0.2mdn.net
10	s0.2mdn.net	reurl.cc s0.2mdn.net
9	gocm.c.appier.net	9 redirects
9	c.holmesmind.com	3 redirects reurl.cc cdn.holmesmind.com
9	reurl.cc	2 redirects reurl.cc
8	gum.criteo.com	4 redirects static.criteo.net
8	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
6	fp.holmesmind.com	cdn.holmesmind.com
6	prebid-asia.creativecdn.com	cdn.holmesmind.com
6	adcdn.holmesmind.com	cdn.holmesmind.com
6	cdn.jsdelivr.net	reurl.cc
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net	t.ssp.hinet.net
5	www.google.com	reurl.cc tpc.googlesyndication.com googleads.g.doubleclick.net
5	fcm.holmesmind.com	cdn.holmesmind.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net reurl.cc
4	c1.adform.net	4 redirects
4	csm.eu.criteo.net	reurl.cc
4	c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net reurl.cc
4	bidder.criteo.com	static.criteo.net
4	mug.criteo.com
3	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
3	cdn.aralego.net	reurl.cc ads.aralego.com
3	m.holmesmind.com	cdn.holmesmind.com
3	cm.lndata.com	cdn.holmesmind.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	ib.adnxs.com	1 redirects static-tagr.gd1.mookie1.com reurl.cc widget.fr.eu.criteo.com googleads.g.doubleclick.net
3	www.google-analytics.com	reurl.cc www.google-analytics.com
2	googleads4.g.doubleclick.net	reurl.cc
2	sync.aralego.com	reurl.cc ads.aralego.com widget.fr.eu.criteo.com
2	eb2.3lift.com	reurl.cc widget.fr.eu.criteo.com
2	dis.criteo.com	reurl.cc
2	cat.fr.eu.criteo.com	reurl.cc
2	secure-gl.imrworldwide.com	reurl.cc ads.eu.criteo.com
2	widget.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.aralego.com	1 redirects ads.aralego.com
2	ads.eu.criteo.com	cdn.holmesmind.com
2	prebid.scupio.com	cdn.holmesmind.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.facebook.com	reurl.cc
2	static-tagr.gd1.mookie1.com	cdn.holmesmind.com
2	connect.facebook.net	reurl.cc connect.facebook.net
1	portal.o2online.de
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	blog.alphaloan.co	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	www.google.de	reurl.cc
1	static.xx.fbcdn.net	www.facebook.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	tw-gmtdmp.mookie1.com	reurl.cc
1	storage.re-news.tw	reurl.cc
1	cdnjs.cloudflare.com	reurl.cc
1	cdn.rawgit.com	1 redirects
1	storage.reurl.cc	reurl.cc
0	sp.analytics.yahoo.com Failed	reurl.cc widget.fr.eu.criteo.com
0	c.bing.com Failed	reurl.cc widget.fr.eu.criteo.com
0	cs.adingo.jp Failed	reurl.cc widget.fr.eu.criteo.com
0	sync-criteo.ads.yieldmo.com Failed	reurl.cc widget.fr.eu.criteo.com
0	ad.360yield.com Failed	reurl.cc widget.fr.eu.criteo.com
0	rtb-csync.smartadserver.com Failed	reurl.cc widget.fr.eu.criteo.com
0	simage2.pubmatic.com Failed	reurl.cc widget.fr.eu.criteo.com
0	x.bidswitch.net Failed	reurl.cc widget.fr.eu.criteo.com
0	criteo-sync.teads.tv Failed	reurl.cc widget.fr.eu.criteo.com
0	s.ad.smaato.net Failed	reurl.cc widget.fr.eu.criteo.com
0	sync.outbrain.com Failed	reurl.cc widget.fr.eu.criteo.com
0	contextual.media.net Failed	reurl.cc widget.fr.eu.criteo.com
0	pixel.rubiconproject.com Failed	reurl.cc widget.fr.eu.criteo.com
0	secure.adnxs.com Failed	reurl.cc widget.fr.eu.criteo.com
0	adx.dable.io Failed	reurl.cc widget.fr.eu.criteo.com
0	ads.yahoo.com Failed	reurl.cc widget.fr.eu.criteo.com
0	ups.analytics.yahoo.com Failed	reurl.cc widget.fr.eu.criteo.com
398	89

This site contains links to these domains. Also see Links.

Domain
imgus.cc
youtils.cc
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
static-tagr.gd1.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-03` - `2022-12-01`	a year	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
tls.automattic.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.gbyhn.com.tw E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2021-11-29` - `2022-12-07`	a year	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://reurl.cc/main/tw
Frame ID: 7D30046679919667389242A664B3B5AF
Requests: 49 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 69C167AABD12375938BA2407896BB35B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: DEF1AACF3510680758F572EC484C3046
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: 479F983EEAFC9ED39596CCEEF0CCB9ED
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: D14595EC7AA7FFB1915A0E73DFA32B67
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1F5D1AC1C9974128C04DEA7DEAECAABE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 7C478252DD9D06E4846C443EE0A0D9FB
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: A907220E3E5C670A9FB49995802DEFAB
Requests: 14 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C6D6A4EF61689BD253B3C2AF8252C05D
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: A46506DE3E54B274C966E55BA76B8617
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1655710039&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710039176&bpp=2&bdt=432&idt=114&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=158423130175&frm=20&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710039&ga_hid=1822093426&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31068031%2C42531605&oid=2&pvsid=3472745739392403&tmod=1641414418&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178
Frame ID: C3710501D64E17C46E4EB16517981A7A
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: F58F1D4C042DF69031735B8ED7CACDD2
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: B834A91989495AD046C8D8D18F0F4DCD
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: E06F7BBFFE2A700B90444ED1BF47050B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 79FB59B02CC97CC756C5FB935E5CC821
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 6DE8C1E7002C3ED78302533A29D41461
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: DDC3F281ED8E8D0C1E8322B64C0ECBD4
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 0080D593E16919796CB7DBC6C3A4DD5F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: D84040075CCAB29A47CE2CBF69EAB33D
Requests: 17 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 7CEE1D924E6129230DACB42628A65D93
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 86BA40F1C18E614D812A2C2B4DAD356E
Requests: 15 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 79416E3AF06BE70CC80CF449DA95A541
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1E479978F698499FCCF252DA0C51613D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 479C6F07CAEADBEDB0FB44A8C2038D5B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: BEC01AA130DC3D9150062575821F38D3
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 4FB8CC9E84694E6D3C89637D941E7D85
Requests: 17 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 09F56ED6177679AAE48D2C75B6E72B8F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: CC22DC78F71486056AF3B02C6E54675D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: FDC5A4281380F1975254920FEE6A801C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 31519F5E9490318933C73DB12BD7CE73
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: A05B464375829D1C46E0EE30BA14A74A
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: B61FAE3C80CDC70763057E8FFFDF7D4F
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Frame ID: 9AC7C4F9646EA67FA310C611708BAF9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 612D97085C1BF0260B3DE8345BD83284
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA7174E9FF5272A6AB9CB65BA1B188BE
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoV7nvAo_6dgVvxnCO7Q8Mqw4z-5BXPZHtM9WiJGXQ6gzcKdvrfNVByXiXjsTqBzgYVVvDdPE0Xk1A30R5YhlZ9xlKyKGO7_qn9I7KK5wVYQ8L9ndH2qh9CQTx63bKvN-QCCySJ5BGczrdPyOLHYbT2c92XlDUlYukmbKir5-8DMHMrityCdLJJGEf1YgAJQYX9C66Vw2Mp5eHT-kujPmMBC5Q1JFqN4oB03tFRFNHo-QME369q4VTSb9-xxDXdDQsD86vParCGiRt4KjxdxcHS_zy4tmuMcSbEGBmi3MfIK2pzF1O8jhe0-Qr58zugHu8gMSGm3MU-JDmiKynrNAYb3Ypv6qgit2-g
Frame ID: 81E75DE518C251CCD5EE017E58655266
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 75A6E1F68595C545CC2E03647C2C0B26
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw
Frame ID: CDF3DDCE37D11E0BE99EF21D0A5DA4C7
Requests: 1 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62b021591afff6a99399ece2e04234d9
Frame ID: 438C582D0BE0501D924369EC789DE277
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/animejs/animejs.js
Frame ID: 694989E18FAC4E5AFE32C01B7E606392
Requests: 18 HTTP requests in this frame

Frame: https://static.criteo.net/flash/icon/privacy_small.svg
Frame ID: 7EDDDC5D8FE97A38216DD9012179FB47
Requests: 19 HTTP requests in this frame

Frame: https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62b021584f6fe62b211889740dcd3d54
Frame ID: A5C90B4912805799ADC222CE40DE8F59
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0
Frame ID: 2CDB8A9A994C05BD4BAAA5AE5F55EA93
Requests: 23 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0
Frame ID: 9F51DDD3D378D5A12F4D8562002AD5D3
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0B8DEEB4C53DCCC772588A6B9083FB09
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 915195E475525D4FE7C5F02F4E6486B5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
Frame ID: 35B86B2D5EE34D43528894A5F84AC70B
Requests: 1 HTTP requests in this frame

Frame: https://c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: E06C767A3AFA18324818EDEA7F1EE47E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8206256A482AA62C123DBCABF20F4245
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29645D6E92F2768595879FC8131D8450
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiT6czLATAB&v=APEucNW7m-v77iU2uFOvt2cvsd55pJTc-5bOf7yQtkX5tDm8__LH4VlyGEAvu6UKAtc1EZFA03UqFacLaAoYfljPWRTUhMwICl0dGaeYBh5O1k8P5N19u1BrbKptgmZ86jxer65FiixGrt98BnVAS0l4hSwyn-rxxYH_aarasVeauy_fw-GYZI8
Frame ID: 5E19D79E448147F29548D1FC149F9857
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSiqiupIjrUdUQfI9xRG25hQTpUefoe4l_3ifFod2qDFVwil4ouh0jsi6El0WklkI529la_4o9VY6ztFOembzn9mwxoKy3m63md4GgPgaTMukffV6A9bQnZxh8BgVndLE8zp6P-oyB1MlgbPViOXqu3pLggg&dbm_d=AKAmf-Cmowf7DCFRkCvQCdKhnEetsf2rVcOODTIXGOPopWXzmCxcs1-wHCfWG8dVVta_od8AcBJdSFTA0T2UtZK5h-dSweh38opOTPkfRyDhVI852bPDPoK4cIeuabCmj1MOkt5hYHDZcI24xoQkK44O7tb4DNZSiDnqtLPQc6K2LuODEq5UNOpcKuvbFCJyWIYOvL7nEIPe6_oXAxPRlHp20Y8DPIqF-mi6IGTela7sQ-A6cZQyUH7zucHy_I6RsZEeXPLnoZfEKinQVQNsoeYETr4wlvHMuenLXSUPubKTBuNsgKYrGKzoazXQgDY_nwpRjBNn1LKib9m0hAKH9Lisnk9ilR1DCfcAQQD-044PohY-V79cIiyYsU0Xscj2aif9vCcOlSYjX2vmaFHEKn_ikpa7FLjfBwhX_qywcUZq1lNiMtVjLC-M03RDo2JWPUCAl-nrPZDPT6n9QzGIWV7Y9olacLtXU7TYZVnum-hWwvadTE_qmjQUQHhTXk44Q7S4vLVswGMrS2cm_Drrx97Vj6GN4DwepcQk2eLSdt1q8Vh_gLbpX0tulm465zNBu7PWdGs6TBruLZK1vpoEsNCLP5VcjkzipXNp9tg1UMduKcJnRLCXNn_DXb4AysVuq1G7uGb-DjlYeWSBIYTSe36kSzTPA3tgm_VlJHkof8WQjjRMXuOVOQJAY-im5ZgtoCTkrrAwGrOlNQBn9-lW6imclkt6gGVB03pp1pRYXOnZVC_9bGH092vsUnCz8qt21guhqHHLhJN8Rxyk_bdco6TsH6o7MmyuZ_D8kn5zKPsFrI3-dUzlcgpaXOCnoHQBDfqtV53_Y-zq2u1Nq-Pi9lZ_vVaR0anlD9eIiG7YVp_EGBkT7jNDafpYfEHlT7wfwYMFBdWhWTOKpL5EIElfHFF5TPGOVYLfqVwZypMpjuGVlu5YY1emsT8mATqZ-asdDvYXmWXp7CDLBOqK5TYN3kunq4gJM6_s5DlpEmbdSdZSgiyB01W-Zplv4fbZQZbxKFZFUaWOdhlBMP2togQHKT1Cozv_GtVXh80BjpxPrscbv1f5w9N2BcIdihZxvSP5GoyJxkJ-Pe4fi_TztGt3mQcYIiys0cC9KrHjAB2fuwo8Zlr0QxT3wI37nlcsjF5g1_rxX_9WeYQ3Yfp2SOkGS0DaC6-Ml0vfGoFRzLfI75ClAxr2douOX3-P62DrW4UNvXdYYFdzL8mo2H5y-diSTo5DQGc61hktS2q0cYoWwKe22Icj-zt4jMbyvj7t1yWdPZQE2-pKXy9SBxTmsGjFi1MKOSbqvNmJ5paoeUeOeTYmt02dZ2r2JdUp_bV_-wPPidsVYbBnrimrRO8OPj-4ts0OvGQAzXZTtaZL8LF3msILXEVTXqExkWEqBz0KCSsYEd8VK34V8txP5VnEhL_64SXUvmbmaF0NmkwkUBfYeN-P-MFLxURu_X7lVm4ai5rtjH-WMhzJf27jvf42oAHfoAbuIN57s_Bmz1bpSUncx44_-M3naCaI1oT0hpfjAa32t_ayHqjroiezvH-nA4Zg29hPidX7_Olm-KbEi2NUTeANV1Wxidjt27ptuvq227dedOgpydaP8Lo_3yBBz1g5STjCLUAsSPhjQuOa3LlKQZEYF3gifRCDXXR-Yh7tkiDzQIVIlPfHvltrW6q3Hcz1tzn4etV6x3cWTaTX6pdFvM740hq1pvRh7_Ql_ofwd1wAmFwpB1l_e50N1bwx4_kADS4IFkY-Jeq361x-64xX5E28uScTWaE00RZW-QWKoZkkqPRSmaNlQ-p10KAbumBaUPHvyYOzjJNYtH8VuqrV_yYVFLzlhwoBxF1SzoHZXnTl5xUXSO5047a4BpeLI1d2EWRJ4liuKbc8JJcaUULNXEVjDzqDcCtfqqPDHITjoVc4sY0ad0XQq2giEad67a1L8jY5-i0UBMrXKZd3Q5k-AK0jrgH08wV0STYe7jk3x1rbM6jqo5y7djD0prj58XwpIz9y2mZ87KPL2K1IVB2UtPaIT-y7iADHp_8QcJBulrNSqR-CfBbkmdZyMrC4t6EQs-v_JZxIz5GEXkWC2is15A2YZaVxKJg5OF2b9zkiduGJwAbLWPjFOjD44Q6ios7cSH8-joyLMrlO-mdSVV5n2IY5pcaxbf-TjiX0fDugcHZjRoXxVIFQ58p7Xg9ttKBu90G2Hf0w8ZRWeo9Zg5O07XkZu9J3bS7DGJJ3Jlk8Taniik5bo01r0rmBAZ121f_e64X6DOF1KuLTA1Vaj7zLGmB8NU_gyGqKEAjdtzASxAisSBf6tlivBkc6DWxe_u0FB0BnKVkC_1z6K8BG4mYLMowcWN229OJ51DmvgpwIG30N1eeyZRP6hm3sKvXHZCLfZBLVVvx2nRFsUfpWEcEdtPe-R5oQQGJXy5215xwFMxMKrCUPB67F099foFvPB6m0DYIFGuUQjKO1HIm9t8tNDbuU6gUMNSkcVnxduOukYkGr0Nau3ySHXsoFIXF9HVyH3TdgGqSXyKo8lsdtem_lRAnpifzKnF_MbheMtwNIcWpzEyaRFPuSW5XITyMpnay8zRULLotCTfU3b5ZvjzZHYoqwsL1IMiTegxASZGyl6eELjmuf9ukGbWVZzw9UtMm6otNoyN4aEG0m3bu3qvOBW15TxCX20OFC4e5bMXtuonsZsG_hRSOoT093nHgT7qBAIgxaNkKH5hu8TwKJofKLmCCQkdHFwu9pe-yKZpJzMMQ8x0WUIiSzhedWRecM_PP-Qj0hN6ok8Y0gZ8aFxna0Os_Krw4UbXG3wR6Nk8H-Ar58S16ignKnWwmj16JE5Qv13zjj5ERD-kL-RIu4SRPGrT3TRWl05BVTpy1v7XTJpDQeK1mqWq5-6Z3XWoPBzutzAZpGbCLm0yLT0xZhQSUM13RWYDg4faXz3hcE4XWREhiM9jZcEdWbpyCtdC0QRWD1vDWNx-uOPWuxMQDVYMlP4npYZ8O7MPaWOrmbm1FkXIwVUzIOE3mVMrswyLu0ICKAoWNUlA43e1HTstlQjl2oRfQcgK8wa4Rgbqybzh3yJdRfWEWG6yPUz0DCguTUnienhebhh8mEW5BM4AyTTsWQCxN_jsjB1o5GPbUrKvK9guTocnUzusW2Pym14JAEUR8DyB9nzd0Y7OXI2JLkjQolXir8wLbMLmlZ5vTRti-7b48v3CxnjhrgIx0iJxrpHpIB4Jt7ZcVhmYHV9MbTv0FeAWtiTukIJAC8zV6KYavtASiALILJSg6BvN3yLcEZBgbFwcJI_OobDAiQzQ&cid=CAASJORoqf4umKhjYxKKoU4RZmGDBkcvA-wPd8-bEfH9eD2Zj4pfcQ&rfl=7%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Frame ID: 928FB02709935982259B5A13D82D220D
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 134760C1C642722A4BBFBAF663AE63BC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5777CDC9A652673100B22DE9A9B0D4A2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
Frame ID: 9DC7990DCD07924FC40D692A8558AC79
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E6CBB739B43EAE1BBB2C5D2AC59481E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B916FE9635DA9641654FC35DE4EC03D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js
Frame ID: 20EBEFDC668EBD9E51D2E336F0865BAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

398
Requests

80 %
HTTPS

37 %
IPv6

56
Domains

89
Subdomains

62
IPs

9
Countries

3909 kB
Transfer

6697 kB
Size

60
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://imgus.cc/
Title: 縮圖片

Search URL Search Domain Scan URL

URL: https://youtils.cc/yt-dlp/main/zh-hants
Title: 下載youtube

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: 什麼是utm?

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/275350

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/39144

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/62ac3baf046fbcdeb316da93

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/2381

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/28226

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/24570

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/ HTTP 301
https://reurl.cc/ HTTP 302
https://reurl.cc/main/tw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js HTTP 301
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Request Chain 26

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 34

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 38

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 67

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 72

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=QVDsCVU1DKuGGCdOWCGwYg

Request Chain 73

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=OGv-he6UA06Cy92VWCGwYg

Request Chain 74

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pe92jM3UDF-iav8cWCGwYg

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=e-QnGnxLUmNValRmZkFOOGZvNzBlV1ltMnRXeStEQzNtWWNhdFJBamNVNG0yb3pFVXp1WDdiZ3ZKdzI4czFjOVpvVU9HaldjNDMwU3RDQnpZWnJVRUtMUWgreTNoZDVrTkJRL3ZHT0pkYUpKZnkzaFFkakt5RXNUdjZ1b04vOXE1RGhDb0pZZzdZd3VEVEc1NXRGSk9ySkgzVXRwWG4xaGd4NkxSSnJxYklnVXZldEgvTzZET1N5Y2ExYlRzd3A1WlhUY3pRaFVRM3lQV1JvWWJ5RVBiaU8yYVFGZm5kcGF4WUtrbG1lMWJJclN4LzAzSXc2cWI2STlXZ2h0c3R0VmZId3JkbGUvNVhlVFlzN1lhUFVxOHR3cFl3Zz09fA&cppv=2

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEC2k2kCg-RKiNAW0IL58K8c&google_cver=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEMMfFfCqZLrC757bwogi3yg&google_cver=1

Request Chain 139

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 140

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESECUMfwjjpiR809xZH_TKNJA&google_cver=1

Request Chain 153

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 165

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 166

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

Request Chain 170

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QXg0YlhTOHJrNSUyRlhMOUUxTTJsZE5HM1N5Mm9tcXkydEFJcmNNSEpBViUyQiUyQkFVTURHWDZxUnI3R1NVSG5veUE5V280QXlFdnJEbkRhT0VPODF5dSUyQjVrQ2VXcWRKQ1pkczZ3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_G-9DHxhTk5VRDFnYngvNU5ialJpRjJ0aW16ekJNbEtFYVlENzNwSVkxUDJuRzM3UFd4Ukp4bFMzNkFBdS8vZFcrc2tTck5NM0wveE1jdlpwQ0VCS3Y4ODBIcXBXQi9OWTN6V2JCTUc4alV6aGZCWmF0Znh1RHdXYWlFS2tzbWNUdVR4M3dhaEpjUDB5M21CRG50UjBZampHclNHYUU1Mm9COWR4VmFsSk0wOGxrc2phSjVISmx5NjFseGFlOEJ3RCtmSXJhUTRMM1B3akthN2RDWDV2bk0rcWJ4blB6QUUyYStjbkNObXVoK1ZRNVFCdXIyQ1I2Wk1KanBOZzlUbEo3VGcyQmxEUEFTTlo4ODhZdUJOSE5qM0RLUT09fA&cppv=2

Request Chain 172

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QXg0YlhTOHJrNSUyRlhMOUUxTTJsZE5HM1N5Mm9tcXkydEFJcmNNSEpBViUyQiUyQkFVTURHWDZxUnI3R1NVSG5veUE5V280QXlFdnJEbkRhT0VPODF5dSUyQjVrQ2VXcWRKQ1pkczZ3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=T31panwxYWdLek5KdUFjeU1wdTJEeThQdkIrSks5TFJYeU1nWWlhSmpZM3J6RUJ4WmhwMVJ1TUxnanEwRzVOMXdGa1lrbzdod3E3STlhOHRJK2tmUlBwOW5uemw0RjlPY0podG5FN24xbHlHRUYwZjdrQ1VUWklJbEtrUTljMTYwMGpDOEVScFdCNlNYT2hYR1FjaURJd3dMb1o1TlFDeXJvU1hQY0k4S2lJQnk5NkV5Y2FkRVVzVU9Zb2dFWWt1YTRDYk93c1AzSUVzeXJvTkN5d1JIakNJRi93WVFYWnlSR2UrTTR2aUdpYUVqOVdJcHdhUjlBR3BkVk1RdHZhcjZoYjdGZ0hrR0Q3NS9aSDNsNWZOY2YwVnhtZz09fA&cppv=2

Request Chain 175

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QXg0YlhTOHJrNSUyRlhMOUUxTTJsZE5HM1N5Mm9tcXkydEFJcmNNSEpBViUyQiUyQkFVTURHWDZxUnI3R1NVSG5veUE5V280QXlFdnJEbkRhT0VPODF5dSUyQjVrQ2VXcWRKQ1pkczZ3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XoQ7v3w2d1BxZTJ2aTFjbEpSYnZ3N3NpQ3cxYWJQak5JYXl6UHdZSFZlSW1lTTh6TTYyelp2NXdCc1FMYmtHbWsvQzRYQUYwcTB1OGpGYUIwcHp0Q01mRWpZZ1MrTGxLTWhMQ0F2NWwvUkN6TURNdWlmR2pNMUdnSkRQUVJkWUdUcVMyRmpYTXN2Z0dMWTkwaUhMb1FWNjJhdTF3RExsT0RmNkU0THlDeGpsWi9sMnhaYlZpa2g3ZGVGd0UxbEhPa2J0T1dvQTg3NjZ6VHNOY3IrVnFpYnJJMEpFQjlRUTJqZG5idXUxb2hmcTBkVkxrTTVMUSsybzVMQkxxcEptWTZOem5jekx3Y3hOMnBmWE9TNHNUTGhpYXM2dz09fA&cppv=2

Request Chain 225

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_cm&google_hm=ay1DbzBXdnlZUlJCUFhycGJhbG5YY2VNbWhyWkMwSzliaURwS0Z4UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_cm&google_hm=ay1DbzBXdnlZUlJCUFhycGJhbG5YY2VNbWhyWkMwSzliaURwS0Z4UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1&C=1

Request Chain 352

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrAhW9IDRHAg1JafojdYaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLwBXYofLPsyvxV97dQBos&google_cver=1

Request Chain 354

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTg1NDg3NDczNTEzODk3OA%3D%3D

Request Chain 361

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAaez5iXEiUDaFJrj-UsvGE&google_cver=1&google_push=ARnp8GBKgpRDy0b62pxXGPxCU3V4xoaELhiOAud4bcz1hQe-Ofe1K-Ycige9Q-6ukkzrKiQHNbKksNTcs-Ry4oMt3SK-8vWRpHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAaez5iXEiUDaFJrj-UsvGE&google_push=ARnp8GBKgpRDy0b62pxXGPxCU3V4xoaELhiOAud4bcz1hQe-Ofe1K-Ycige9Q-6ukkzrKiQHNbKksNTcs-Ry4oMt3SK-8vWRpHc

Request Chain 363

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuynvyOg4EWsNjQ3raWvg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuynvyOg4EWsNjQ3raWvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE2NzA3NjI0MzU4MTU2Mjc4Mw&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuynvyOg4EWsNjQ3raWvg

Request Chain 364

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2BCJgmD44zbuSSKIKnuw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2BCJgmD44zbuSSKIKnuw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MDEzODc3MjMxMjc2ODc1Nw&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2BCJgmD44zbuSSKIKnuw

Request Chain 365

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPdxISZGyIvjiD-d5gZjAPs&google_cver=1&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9KdxcKnxvSeplYKWc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9KdxcKnxvSeplYKWc

Request Chain 366

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHjbmJV1HzlvB_MkS-MAqMU&google_cver=1&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg&google_gid=CAESEHjbmJV1HzlvB_MkS-MAqMU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyMzkzNzQ1NTI0NTEyOTk3MzY2MA%3D%3D&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg

398 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tw Show response
reurl.cc/main/
Redirect Chain

http://reurl.cc/
https://reurl.cc/
https://reurl.cc/main/tw

13 KB
5 KB

266ms
266ms

Document
text/html

35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8a4d4a06c605d883eda60c7f1b48a4152d0cf6b5be8f1f3c2fdf76ec38720ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

content-length: 31
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 07:27:18 GMT
location: /main/tw
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 33ms
16ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7855529
x-jsd-version: 4.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvZmtZRr48U1Cx8nth07I4ZZc7J53ClaWITvgNBLXusMPp2UNl9V%2FImx0IYt5N4IPcbzHJrqDocGg7bSvG2W2FIOvaKX0OdgctctYLFTP6%2FxijFllV%2FUu%2FB6vx58RkuwJ1pe5kg3Y%2BlPrLPFqgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71e2c7fe4ab068e5-FRA

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 3 KB
1 KB 58ms
8ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 04:34:02 GMT
via: 1.1 google
last-modified: Thu, 05 May 2022 00:38:33 GMT
age: 10396
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1091

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 66ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edc243be592bbbcd2ac21c33edcdd7ef487e41c99469c4dc5f557c6b09b7c123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56299
x-xss-protection: 0
server: cafe
etag: 3903102004500582011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:27:19 GMT

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 470 B
559 B 261ms
261ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-1d6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:18 GMT

GET
H3

200

clipboard.min.js Show response
cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/
Redirect Chain

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.7.1/dist/clipboard.min.js
https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

11 KB
4 KB

16ms
16ms

Script
application/javascript

2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7855433
x-jsd-version: 1.7.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19180-FRA, cache-hhn4068-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2aa5-qeaI8MJlRinRJjDbMhGpT3WiLLY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEMrga70lIF%2BuGkLrQoS09tZj%2FELMFaleFytbphZyqtgx0BjDmFKZbM4AT1oEvWgvdtgHR6Dch26oSXJ3aAv67FqMILcQsyL3gp19HSGjATpMVxpUoYeIBMCcmiMsOXKUffG0NTQIHknGKOJU6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71e2c8013b9390e8-FRA

Redirect headers

date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 879
age: 79619
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 06/20/2022 07:27:19
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 113
server: BunnyCDN-AMS1-879
x-served-by: cache-fra19140-FRA, cache-chi-kigq8000026-CHI
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/zenorocha/clipboard.js@v1.7.1/dist/clipboard.min.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: EXPIRED
vary: Accept-Encoding
cache-control: public, max-age=2592000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0f0e78ac68324258bf38420aba28e213
timing-allow-origin: *
cdn-requestcountrycode: RO
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/ 13 KB
5 KB 38ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.19.0/axios.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7805324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4224
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-3580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeySWEHX1YtjUdzigxOtzzxs3SsyEanSL7BHynv6nhJTo4BzNYtDTuQYqITErMWyKO1JMGDhPtT04jJIGjTvHxs4EMnOIBhpGXEfXREcevxY1Aw7lLeTMVJdYEsirz5uZ9HDXbaWM3iaxqjEyvRrQCu5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71e2c8000fc9922f-FRA
expires: Sat, 10 Jun 2023 07:27:19 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@9/dist/ 65 KB
18 KB 19ms
14ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9/dist/sweetalert2.all.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2844
x-jsd-version: 9.17.2
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA, cache-hhn4034-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"105f5-IoZ47xa2VqsB8s6EqlY9hdo2pRY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MyFyI4Jhr2R%2FHDjm7l%2FkdCrhzNFJgSeEucafNUCwROiQjW3l42pFJ99Zanp0h7yay39aGre9lZX1Hb0C5uVZwah127f8e9%2BQtX1BfCo2Oc24Zu4oj%2B169xoB2y3i2CcZplG5KOVS%2F4zxk3XbEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 71e2c7fffe1668e5-FRA

GET
H2 200 FileSaver.js Show response
reurl.cc/javascripts/ 12 KB
4 KB 265ms
261ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/FileSaver.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-2fce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 61ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965cb4f40ad635f5200ed561d7d69f41621c5d7a8515e163f7b08361f8c77b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56318
x-xss-protection: 0
server: cafe
etag: 2722253768848079973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:27:19 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.4.1/dist/ 86 KB
31 KB 38ms
22ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.4.1/dist/jquery.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7855539
x-jsd-version: 3.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-hhn4047-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15851-iFI5JDUbrAtdVg/gxXgeJVbnaT0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQfhn2K1L2qDax7fQj%2FLaW3v3FqnrkX6RWyyS3PJWBltWrwEGcecme34GBqanFcMcmi8csllZYkkIOLehgm4H%2F0b10vKAeRyXXzVeLseQKOifrehkA63NV8f5FxxOZ%2FTymWGCh6Ndi5n8FFkB3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71e2c7fe4ab268e5-FRA

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/ 59 KB
16 KB 44ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7855511
x-jsd-version: 4.4.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vavm%2FBlrcGFKy7NBw6E28d7sevqKVrPHV2BDQMwHECHGfjMDAWmGPzYYva%2BZYlYnFv7tm4uWTg4W3gKXhNQZd2GZr7cxre2BzHy1ffbXIe1o5tBdppDjWLC55VmysrMptUa6rR6XGD1wDIy89yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71e2c7fe4ab468e5-FRA

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 34ms
23ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7855511
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-hhn4039-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJQjNJPM0ssQXYjFEjx3Av2icdCCpjhxy0Df8MP1iak%2BC89ctkbmUBJopU%2B%2FRAHy432FJA8onxMigXP%2FXuQjNIQYuxw2JlOPL%2BA8xM1Ek%2Fj9QI4vQwimAr7AYYOLCd0UKehWxQsW6MF9xIzMq%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71e2c7fe4ab668e5-FRA

GET
H2 200 vue-qrcode.min.js Show response
reurl.cc/javascripts/ 18 KB
7 KB 265ms
263ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/vue-qrcode.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-470c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:18 GMT

GET
H2 200 main.js Show response
reurl.cc/javascripts/ 5 KB
1 KB 267ms
265ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/main.js?v=7
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 04:36:28 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61a458cc-12bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:18 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 10ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 41
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:39 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: 2YbnMeUjV5hGUI3zTarm6yO4oYWtcEVQQoRXPL5-7PZvjszlfBTrRw==

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 698 B
561 B 268ms
267ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 00:38:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62731c89-2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:18 GMT

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 618 B
588 B 270ms
269ms Script
application/javascript 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/main/tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:18 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 12:16:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"623c6110-26a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Tue, 20 Jun 2023 07:27:18 GMT

GET
H2 200 rwd_cap.js Show response
cdn.holmesmind.com/js/ 41 KB
41 KB 79ms
20ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rwd_cap.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: BN9WwPCNLHdSgIvzd1_opxGo9OZ3hU5f
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 02:02:46 GMT
server: AmazonS3
age: 46
etag: "8fdf120a4b0155367b0b2347946ccc01"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:18 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 41735
x-amz-cf-id: CujaFD4hR306DxZ3rV6zRfWJ7nQbzuqc3WOeAuLS3obODQxBKBRb5g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 34ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: vOKQqtlUrMEeo01XF7N/VbDarCeUfbT2+93unoR0Ohhp0SCUqT+SL7yB+TPz364CB3q1Thk+UblHZJp6onl9QQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 20 Jun 2022 07:27:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 5 KB
5 KB 548ms
269ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: a2016ceddd3f0e2cfbfd6668d66581c01fae2caff09bd5b7c8df392eb03df1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
etag: W/"1433-sc+VSlDdCKiGvY4F8EKUQOTqxQQ"
x-powered-by: Express
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5171

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2292
date: Mon, 20 Jun 2022 06:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 08:49:07 GMT

GET
H/1.1 200
OK tagr_lib_learn_tw_v3.js Show response
static-tagr.gd1.mookie1.com/s1/ 4 KB
1 KB 85ms
16ms Script
application/javascript 23.75.245.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.75.245.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-245-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2016 05:38:37 GMT
Server: nginx
ETag: "57999a5d-1153"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H/1.1 200
OK checkSegmentsNFI.min.js Show response
static-tagr.gd1.mookie1.com/s1/sas/lh1/ 1 KB
843 B 86ms
17ms Script
application/javascript 23.75.245.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.75.245.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-245-170.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2016 14:26:27 GMT
Server: nginx
ETag: "581b4913-428"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 552

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 69C1 3 KB
3 KB 8ms
7ms Document
text/html 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 3044
content-type: text/html
date: Mon, 20 Jun 2022 07:26:40 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id: sHyOc--6XdYnU40GLlyHOnrv6cTK2jazZALoq4p0X4d90YyubYIZ1g==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1012 B 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 39
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 0kWmSi1NpdflR6u86V74KMQuHsgLE7IEWwExj2Vc-TtiW-3ygY5Lgw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame DEF1 6 KB
6 KB 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rwd_cap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 39
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: U82KzQRDqzrRJysXNGHAGr-3G2_3ypE35fr5vei4GXLMoSkiZWMUSA==

GET
H3

200

cm
c.holmesmind.com/
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

138ms
116ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 340 KB
120 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f124e272ae420a6131fdbbf258f7f0d985579b70bc1ed18e3180d0e088d64e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122727
x-xss-protection: 0
server: cafe
etag: 13250488933943256615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:27:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame 479F 10 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1004948140419605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Jun 2022 18:51:32 GMT
etag: 8616628553774171045
expires: Sun, 03 Jul 2022 18:51:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame D145 15 KB
9 KB 182ms
165ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a7623bc840dc27f6134d8ae05c4abfca6a33bd7f94b33344f38c34f02ea6a93c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 20 Jun 2022 07:27:19 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: P/UQaoy1nnieuz7X9k1zLocs4zpCBdg4ANInwDc8XaPFrKH6k5fJyd0ys9EwqW1nosk2yhPrBYf8Y1Maahcatw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1F5D 3 KB
3 KB 6ms
6ms Document
text/html 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
content-length: 3044
content-type: text/html
date: Mon, 20 Jun 2022 07:26:40 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id: cHPz4yIcvxLkjZKcMhKBcCbE6DoIeJDkrG_Gz70k0OwHX9NLw_SPyw==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 7C47 6 KB
6 KB 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 39
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: CQ9bV59dy_wpmuxZBte9K1ZcXkfWOJsky2WiH7N3upXLO-NG859Q7Q==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame A907 6 KB
6 KB 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 39
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: 9xy5xHftMvUBFRKzu1NoV29Pdg3Jtn9qSWFWqepB45h35APvlnDemg==

GET
H3 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82b3482a538a502cbc1010f6af2b197b5a76741c6e782d5d12576c52eaa035ff

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7136
x-xss-protection: 0
pragma: public
x-fb-debug: 91Lxw07hzUmDp7NWBKv9HdOuSbynJ1LS7+i10xsRgWIn1vtS37kXFgGES0LH4EDC8DAFYP3M8/hjdNHCO19JXg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 07:27:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 69C1
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

134ms
116ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame C6D6 39 B
97 B 138ms
108ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:19 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 69C1 4 KB
2 KB 1020ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame DEF1 731 B
685 B 83ms
10ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12684
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 21f132eacc2adf061517872fad22e205bf15966adb0376edae16617736d6f64c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:18 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 241
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: EbjDva814jFvyM5aiAyEhiZs_4DgjQeL9onL7t7SSF8SBgWVzUgkkw==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

GET
H3

200

cm
c.holmesmind.com/ Frame 1F5D
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

130ms
116ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame A465 39 B
191 B 129ms
103ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:19 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1F5D 4 KB
2 KB 1018ms
286ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H2 200 learn
tw-gmtdmp.mookie1.com/t/v2/ 43 B
641 B 294ms
264ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=reurl.cc&src.url=%252Fmain%252Ftw&src.id=ClickForce_Learn&src.rand=555109986
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
782 B 47ms
13ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=8678676152

Requested by

Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 07:27:19 GMT
X-Proxy-Origin: 146.70.117.120; 146.70.117.120; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53918bb8-ad64-4a4d-b1d7-38d7b4c3093e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 7C47 536 B
632 B 82ms
13ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13799
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: EOM2nEUxF19OaNPyvvSckKRFTIu6V78QEpAtEydkPbjIeFfYhJMQwQ==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame A907 606 B
646 B 81ms
12ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13800
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:18 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 241
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: dA7-wNbZj1yW8K-jklXA4y7YX3MTCx3siIHk1-d8oTdE9mArHQSnNA==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1822093426&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1343033082&gjid=1824529264&cid=373935847.1655710039&tid=UA-102456694-1&_gid=1134839914.1655710039&_r=1&_slc=1&z=1836172654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1822093426&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=0&el=MTQ2LjcwLjExNy4xMjA&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=373935847.1655710039&tid=UA-102456694-1&_gid=1134839914.1655710039&z=1892396005

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Jun 2022 20:21:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&rl=&if=false&ts=1655710039278&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655710039277.1124418615&it=1655710039233&coo=false&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 20 Jun 2022 07:27:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
641 B 50ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-1004948140419605

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1004948140419605&plah=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8b93883b32af13d20ef712bbc193aabcb0a63a092f8e1877843cca9ee2876a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 60ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 61ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark%20bg-reurl%20fixed-top%20nav-no-padding&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C371 603 B
68 B 58ms
42ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1004948140419605&output=html&adk=1812271804&adf=3025194257&lmt=1655710039&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710039176&bpp=2&bdt=432&idt=114&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=158423130175&frm=20&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710039&ga_hid=1822093426&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C31068031%2C42531605&oid=2&pvsid=3472745739392403&tmod=1641414418&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:19 GMT
expires: Mon, 20 Jun 2022 07:27:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=373935847.1655710039&jid=1343033082&gjid=1824529264&_gid=1134839914.1655710039&_u=IEBAAEAAAAAAAC~&z=977710864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 20 Jun 2022 07:27:19 GMT
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame DEF1 2 KB
1 KB 773ms
296ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12684&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=848&o=1&d=1&b=2&ts=1&ii=undefined&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 88d6186158aa86ad27a42670df6fc398ee30ba19f7c8542e6989aa51289f245f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame DEF1 3 KB
3 KB 16ms
15ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 28
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: jj-_OpJglrVdH5p90LRSUxRCAYs56DCdokwWRajqqqonYWgZB9bR7g==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame DEF1 119 KB
39 KB 72ms
35ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:27:19 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame DEF1 2 KB
3 KB 12ms
10ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 40
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: a8Uub2RagFFe0jahKPpwF5GPuiUQHymIwl8QaULCgh688ojgiwSAbg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame DEF1 4 KB
5 KB 22ms
21ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 18
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: WzvqoN40mDNS9hSw1Gn1DMWIH1EKFOtqrAi3dhAc3o3pdRaZj3yQ8w==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame DEF1 3 KB
3 KB 22ms
21ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 14
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: CQhKTZrkTRHbOddGavIzZvhLfYwXj9YVWrsLcipz17Os-J-IWOFg5w==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame DEF1 3 KB
3 KB 13ms
12ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 24
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: ZLIYQ0ilDN9kxvDh1gtZzf2eCjJpLN9oDwAvGhQsWJ8rGJTUhwYFHg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 7C47 2 KB
990 B 717ms
244ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13799&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=881&o=1&d=1&b=2&ts=1&ii=3&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 020cf5d9ba2fb76463eb4884990e15e4cbaeafc7290944979f094a947c610c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 7C47 3 KB
3 KB 13ms
13ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 28
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 3MCKlOhm9_wZhXK2iznHVy0kNQuQW02XSmLRehfcSHsUhYMAULfNNg==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame A907 2 KB
1003 B 718ms
246ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13800&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=744&o=1&d=1&b=2&ts=1&ii=3&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bee532affd04afa339e8a6cd51c6efac9776300f5d9f2850ceffe6f25ad3b26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame A907 3 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 28
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: 0Kptn9jLyWivl-RW-xZ20rq5DdF-fyxXUp2ZH10ERRC0yDynhmf0bw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame A907 3 KB
3 KB 19ms
18ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 14
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: kvwwm9OtKFiYMwYOR8qNSetH_8l7lMwuQ1PwIvGFqilwEaOBTdfrUQ==

GET
H2 200 uW5A-9M9qu_.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame D145 18 KB
5 KB 23ms
7ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/uW5A-9M9qu_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wNfQQXzjcvSHi20fs+m+0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4761
x-fb-rlafr: 0
x-fb-debug: dqrWglxUOAP0bKHaiahx65P2E6SyjXIqq5+y2g3aV9MSDqPskSvh0FONJfKhijCOXvdW+ayO5JplMsWQt00fkA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:50:03 GMT

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DEF1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

287ms
273ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DEF1 0
170 B 505ms
165ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7C47 0
170 B 507ms
167ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame A907 0
170 B 508ms
169ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame DEF1 0
159 B 922ms
319ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.42167998734918144
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A907
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=QVDsCVU1DKuGGCdOWCGwYg

2 B
19 B

289ms
275ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=QVDsCVU1DKuGGCdOWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=QVDsCVU1DKuGGCdOWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame A907
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=OGv-he6UA06Cy92VWCGwYg

2 B
19 B

288ms
274ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=OGv-he6UA06Cy92VWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=OGv-he6UA06Cy92VWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DEF1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Pe92jM3UDF-iav8cWCGwYg

2 B
19 B

288ms
274ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Pe92jM3UDF-iav8cWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Pe92jM3UDF-iav8cWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
30ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=373935847.1655710039&jid=1343033082&_u=IEBAAEAAAAAAAC~&z=1655056487

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=373935847.1655710039&jid=1343033082&_u=IEBAAEAAAAAAAC~&z=1655056487

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame F58F 0
249 B 313ms
272ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:19 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame DEF1 4 KB
2 KB 968ms
568ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame B834 0
82 B 309ms
276ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:19 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7C47 4 KB
2 KB 679ms
287ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame E06F 0
82 B 297ms
274ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:19 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame A907 4 KB
2 KB 671ms
288ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H2 200 2022-%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/01/ 52 KB
53 KB 542ms
413ms Image
image/webp 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2022/01/2022-%E8%A1%8C%E5%8B%95%E6%94%AF%E4%BB%98%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fb2b243a4c105e30f1a8a0ba603238f0d06ff0253268c66be2e4d8b7a57c7bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
x-ac: 2.hhn _atomic_ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 53574
x-nc: HIT bur 6
last-modified: Thu, 03 Feb 2022 18:57:56 GMT
server: nginx
etag: "696835099bef61aa"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 04 Feb 2024 06:57:56 GMT

GET
H2 200 1655647916-f62a15cf97de3f9a65cc17f74b1ffd2d-840x525.jpg
img.gbyhn.com.tw/2022/06/ 46 KB
46 KB 626ms
15ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.gbyhn.com.tw/2022/06/1655647916-f62a15cf97de3f9a65cc17f74b1ffd2d-840x525.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e754c73ba1ce92fc14a6d0e18fccb7b509b128e4c93d820e1afba7f31aed63e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55516
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46602
last-modified: Sun, 19 Jun 2022 14:11:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqsA4lbGTrpIJTuDEKBkTzsrKKoEHiVvd7RfieLPFOihA8QpgA1X1wLovY%2BZeiG%2FLsPgoA%2FKxLsPArnBpU3CPUF1A1quhqLkZWxqky%2BGCVhrkQgxaKxMBSWjpN1Io81L9WJWC1uOenxDQNNBtZ9I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 71e2c807eb096946-FRA
expires: Sun, 26 Jun 2022 15:04:01 GMT

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 1 MB
1 MB 36ms
9ms Image
image/png 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 10:45:51 GMT
via: 1.1 google
server: openresty/1.19.9.1
age: 247288
etag: ""
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
content-length: 1235774
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wix-tracer: 2AhXNdsznCCwou6rdwBu1Kbsgtk
x-seen-by: image-manipulator-6cf84679cc-wv4lz

GET
H2 200 1653215412-S__67641348.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/05/ 38 KB
38 KB 49ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg?fit=767%2C555&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

827ff17fe2fe5ba8bf91ae0ff74dfdccc6ecf4200179f9a1ec4b06b1fe1b6457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Mon, 20 Jun 2022 07:27:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Jun 2022 08:25:35 GMT
server: nginx
etag: "fdbb60ef0f174066"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg>; rel="canonical"
content-length: 39018
expires: Sun, 16 Jun 2024 20:25:35 GMT

GET
H2 200 2022051801313495.jpg
img.racingcharger.tw/wp-content/uploads/ 184 KB
184 KB 55ms
20ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022051801313495.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:19 GMT
cf-cache-status: HIT
last-modified: Wed, 18 May 2022 01:31:41 GMT
server: cloudflare
age: 25469
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkhWcI6WUxf3H%2BeIZbpbCk9QX7aUQlNDJCU9LrxCMKvcKyQLeUmLPHLfdoocExljzoOomtj9uJorxhYPpkkX9ffruPgY%2BPtI%2FWI3CaWea33Au%2FjJSAXh1wBu97ZESx8uUKQ1Onk6wbTrPPd47dl%2BNOGycw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71e2c8047cff9b7c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 187919

GET
H2 200 %E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png
blog.alphaloan.co/wp-content/uploads/2022/06/ 274 KB
274 KB 448ms
413ms Image
image/png 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/06/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Tue, 07 Jun 2022 02:54:43 GMT
server: nginx
etag: "629ebdf3-4474e"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 280398
expires: Mon, 27 Jun 2022 07:27:19 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 7C47 10 KB
10 KB 13ms
12ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13799&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=881&o=1&d=1&b=2&ts=1&ii=3&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 59
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: u4ec7XCOvzT16FbUi6O-dxUNsteEylc4stOp256YPu8EE6rfBPOYRg==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame A907 10 KB
10 KB 12ms
11ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13800&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=744&o=1&d=1&b=2&ts=1&ii=3&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 59
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: ZyL5rTQvUJYvoJuw1cGsTeXDUlzXlQtI6fBPXwluK9I4G1CJGgNHXw==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame DEF1 10 KB
10 KB 8ms
8ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12684&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=848&o=1&d=1&b=2&ts=1&ii=undefined&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 59
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: kg64k_xkNR2vr6MTr3007gTXvoB5o0pYvYO80gNe75Jp0YrYQpRTCg==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 69C1 37 B
409 B 287ms
286ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

a801f509980cd5d4664fa7286b038ed2218bf86ed18764e0b888754c802c6a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1F5D 37 B
408 B 286ms
286ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

eaea8ddb719a53bc859375a2c3374863235dda6ea282e88c0fb44485a4c1f84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 7C47 37 B
402 B 287ms
286ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

f383cc0edd288e856898ee96b33d5a77464462ecd954bfa0e0452d9527e2d5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A907 37 B
402 B 286ms
286ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

f286ee2ad5013b97e2c50ef239f0aa3f379d6fb2cb1246be680571740bc01dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame DEF1 37 B
402 B 287ms
287ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

20745e277afb374d4cb9753d5297a70358278885026bdaf225b961dd5d4a7712

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 37ms
23ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5279558a5bf3ca716e08f221777e788f941780427bb3a537122ec4eb9a1778ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10619
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 79FB 15 KB
6 KB 61ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:20 GMT
server-processing-duration-in-ticks: 1816
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 69C1 30 B
278 B 287ms
287ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=0b47ae6b-b82c-43fb-ad6f-8359fe175e79

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1F5D 30 B
278 B 288ms
288ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=687d2f01-5c1a-4da3-b97e-653aaa61aa4f

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 7C47 30 B
271 B 287ms
287ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame A907 30 B
271 B 288ms
288ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 733ms
705ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 07:27:21 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 79FB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=e-QnGnxLUmNValRmZkFOOGZvNzBlV1ltMnRXeStEQzNtWWNhdFJBamNVNG0yb3pFVXp1WDdiZ3ZKdzI4czFjOVpvVU9HaldjNDMwU3RDQnpZWnJVRUtMUWgreTNoZDVrTkJRL3ZHT0pkYUpKZnkzaFFkakt5RXNUdjZ1b0...

435 B
633 B

168ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=e-QnGnxLUmNValRmZkFOOGZvNzBlV1ltMnRXeStEQzNtWWNhdFJBamNVNG0yb3pFVXp1WDdiZ3ZKdzI4czFjOVpvVU9HaldjNDMwU3RDQnpZWnJVRUtMUWgreTNoZDVrTkJRL3ZHT0pkYUpKZnkzaFFkakt5RXNUdjZ1b04vOXE1RGhDb0pZZzdZd3VEVEc1NXRGSk9ySkgzVXRwWG4xaGd4NkxSSnJxYklnVXZldEgvTzZET1N5Y2ExYlRzd3A1WlhUY3pRaFVRM3lQV1JvWWJ5RVBiaU8yYVFGZm5kcGF4WUtrbG1lMWJJclN4LzAzSXc2cWI2STlXZ2h0c3R0VmZId3JkbGUvNVhlVFlzN1lhUFVxOHR3cFl3Zz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d834e40dd69bca9cade844f9b6b0b9c577cd80fbabc11c74dfb1ef62636a70d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4846
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=e-QnGnxLUmNValRmZkFOOGZvNzBlV1ltMnRXeStEQzNtWWNhdFJBamNVNG0yb3pFVXp1WDdiZ3ZKdzI4czFjOVpvVU9HaldjNDMwU3RDQnpZWnJVRUtMUWgreTNoZDVrTkJRL3ZHT0pkYUpKZnkzaFFkakt5RXNUdjZ1b04vOXE1RGhDb0pZZzdZd3VEVEc1NXRGSk9ySkgzVXRwWG4xaGd4NkxSSnJxYklnVXZldEgvTzZET1N5Y2ExYlRzd3A1WlhUY3pRaFVRM3lQV1JvWWJ5RVBiaU8yYVFGZm5kcGF4WUtrbG1lMWJJclN4LzAzSXc2cWI2STlXZ2h0c3R0VmZId3JkbGUvNVhlVFlzN1lhUFVxOHR3cFl3Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1548
content-length: 541
expires: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 6DE8 6 KB
7 KB 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 42
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:39 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: hFjawLYvcGESG4gM1STLMYkNt0oKeML7KdnOZ3l4-dFn4MKI1r6pXw==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame DDC3 6 KB
7 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 42
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:39 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: DQb735O-pgxcJCxTf5BhcFCFHzV3eGhnIu8tUPZIzKwsa_CetxOVwQ==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 0080 3 KB
3 KB 7ms
7ms Document
text/html 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40
content-length: 3044
content-type: text/html
date: Mon, 20 Jun 2022 07:26:40 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id: xnFb-1WN_e1ZleYbuHNwzP5h1_110JGJQ62R2n3n-jiWoJ7qfZ6k0A==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 6DE8 662 B
1004 B 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 40
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: 37VzbY4pmgjG5J6Wj-OWLZHo0ZUOlgfNGPKvwVusx_oCTCzEEEmlcw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame D840 6 KB
6 KB 6ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 40
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: VGGjIQu3_1UIOOgKTr_0uTuGEipU6evuvqzRwWGcF3Sl-VQBKUXHYg==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 7CEE 3 KB
3 KB 7ms
7ms Document
text/html 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40
content-length: 3044
content-type: text/html
date: Mon, 20 Jun 2022 07:26:40 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id: A9uz-l4WqGMR0HZ8YXYulBIhqxoJo32Ovf15x4hq2wst-2Nfy2x-_A==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame DDC3 662 B
1003 B 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 40
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: TrVaPu-u5MRItVuWzaembcr3PixHupENmbj0EHjiYODAZDP6WbLB-w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 86BA 6 KB
6 KB 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 40
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: XJHRN4Nd4iGTcSHpwOcTsVy_mOXPk8-D-7jy1MOrNdz1tpQPo-Is4A==

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 7941 95 B
241 B 109ms
108ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:20 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 0080 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 0080 0
15 B 424ms
423ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 0080 35 B
470 B 835ms
204ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:21 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2

200

google
m.holmesmind.com/ml/ Frame 0080
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEC2k2kCg-RKiNAW0IL58K8c&google_cver=1

0
142 B

950ms
927ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEC2k2kCg-RKiNAW0IL58K8c&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
x-guploader-uploadid: ADPycdsujoCdvL0foAue0geNH5-YP3-zbdAt3JkXMwEkanIX1yFxIWtokaxcEDBnoAt62qB2l_B5QHRnMwcvVH9b4ImOevdgW7nc
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Jun 2022 08:27:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEC2k2kCg-RKiNAW0IL58K8c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame D840 668 B
660 B 14ms
14ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13802
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:23 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 237
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: zo0qY0TjuampsgA-3lAH8HPGRtpi9aoqrCStXL_Hcw-aRAMhumKdkQ==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

GET
H3 200 cm
c.holmesmind.com/ Frame 7CEE 0
15 B 424ms
424ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 1E47 95 B
222 B 114ms
114ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:20 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7CEE 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 7CEE 35 B
470 B 861ms
205ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:21 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2

200

google
m.holmesmind.com/ml/ Frame 7CEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEMMfFfCqZLrC757bwogi3yg&google_cver=1

0
165 B

541ms
519ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEMMfFfCqZLrC757bwogi3yg&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
x-guploader-uploadid: ADPycduz0DBetBSiwGOhhKBfKb4L2c0Fx3BVpS6QRb8or3iH03apZ1l-7Xscz0O6TA32VfvxHakli1if-yKr6YYZStIpHWFg_M3Z
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Jun 2022 08:27:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESEMMfFfCqZLrC757bwogi3yg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 479C 6 KB
7 KB 6ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 42
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:39 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: 3Zd9wRTFym7rzzu9S043YFgY7SdjJKUZV2Ss4jBYiHCQZlh6cgjk_w==

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 86BA 668 B
660 B 16ms
15ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13803
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:21 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 239
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: ft4EUGGsi2upn-OXfc-kS22y29_Rf2C0F2Myr2IXdil0yUoGAzxCTQ==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 7C47 0
187 B 289ms
288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/ Frame 7C47 0
80 B 1709ms
295ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/pixel?bd=5ab4284c-7222-4470-8b2e-ddb7b5817a6c&t=50ef57

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/ Frame A907 0
79 B 1708ms
295ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/pixel?bd=5ab4284c-7222-4470-8b2e-ddb7b5817a6c&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame A907 0
187 B 288ms
287ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame D840 3 KB
1 KB 256ms
256ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13802&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=503&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d7bb7265b11dc7a034cdb8e62fec5f1f3dc2174b98e3e5dd00db79e64b6fb7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame D840 3 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 29
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: JxTVo5UJK1PGvxHxUrUjTm1x_ULXBPEqXqi2drSh_qW9gIm2aGPUBA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame D840 119 KB
39 KB 23ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:27:20 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame D840 2 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 41
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 2DzOaKtNcbU94O2T3JihqWqm-36u4lLesZ_baSkzjnRhQmtawm0orA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame D840 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 15
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: Os1bERHPLGuQ0puBfGu9Uqh6FVWPoMYApNMZWNciUkzpni4KiHwOQQ==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame BEC0 3 KB
3 KB 8ms
8ms Document
text/html 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40
content-length: 3044
content-type: text/html
date: Mon, 20 Jun 2022 07:26:40 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id: f0PrdGefOtkKpcoLHv2Hcyc4LuGp4dYovVJ_KfdoYTF99IngbqzKDA==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 479C 662 B
1003 B 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 40
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 662
x-amz-cf-id: T1p4ZH2qvP-5yDSCDV6jl2GEhnph6377ZiZu9tA15JqtvasFRfvu_Q==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 6 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 40
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:26:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: dC1AX1k3JJp3UvyoKJVerK3TmabX4kaK9oMp8Q7-4p0l0WZ0laqwqA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame D840 0
170 B 165ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D840
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

273ms
273ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D840
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

271ms
271ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 86BA 3 KB
1 KB 318ms
318ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13803&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=489&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: da97bbc559f8872e9d65cc78f36b414be8f187a67948de066794a2ffbb1d8f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 86BA 3 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 29
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: wNAn6b6bWyeesjRCO4AY0U545neAoWGRfY-Y6P_L8E_8nDj3Hf-YjA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 86BA 119 KB
39 KB 26ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:27:20 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 86BA 2 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 41
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: CwyNo9vkUujxw9yklCQ2jb1hZ1QPVNRwco1ct_YVqOyuJswz1iEi6g==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 86BA 3 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 15
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: P_mqHoT9zNRhopy_gBK5_jOjuOVXjPqysW15dm_OvVpN9k1Rk8B3qQ==

GET
H3 200 cm
c.holmesmind.com/ Frame BEC0 0
15 B 431ms
431ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 09F5 95 B
222 B 109ms
108ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 86
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:20 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame BEC0 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:20 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame BEC0 35 B
470 B 919ms
236ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:21 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2

200

google
m.holmesmind.com/ml/ Frame BEC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESECUMfwjjpiR809xZH_TKNJA&google_cver=1

0
479 B

289ms
267ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESECUMfwjjpiR809xZH_TKNJA&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
x-guploader-uploadid: ADPycdsr8uWlTcX6to2_DMntcQfTgYGe2SqBBvNusfA5sbRWxidxKvksrrbdmYMTWNQ7pMPkSJ2fSkfwFri1bCWFG4P_HJwPje5A
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Jun 2022 08:27:20 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&uu_m=undefined&google_gid=CAESECUMfwjjpiR809xZH_TKNJA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 4FB8 764 B
694 B 10ms
10ms Script
text/html 2600:9000:2250:2400:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12683
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2400:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9b78e53c08e957d3c108aca00801eb75b820eb311cc7882c8a7905fba96aeda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:23:22 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 238
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: 2Wvmx_mOyelH6rR_7iwFK6H2NVIK_eFMidcdmn44VEPW5WDVaJIWWg==
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 86BA 0
170 B 164ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 86BA
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

272ms
272ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 4FB8 2 KB
1 KB 251ms
249ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12683&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=965&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 05dd9110137391e1666d1a42f023b9d1885247fce3ab7e3981d2823b0fb772a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 3 KB
3 KB 8ms
6ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 29
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: M5-OJSoVHewIVbeY5XLD88KE-Du4HcA1kPxELSq-VrWAvtKsfn9R_Q==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 4FB8 119 KB
39 KB 25ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Jun 2022 07:27:20 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 2 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 41
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: 4qfvdYNMENMl_Y0LP5ScLtdjKFTIybJ-qDOIfGUEgLqggselZIjW5w==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 4 KB
5 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 19
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: oRzdKNPI1YFssMjE89Jit18dv84IfHVplgiGLV_2iATDVp8cePJUNA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 15
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: M3KxjPua0rFhv3FaeUK45MCUNPA94kbMd_j_6mE5pnEm9naCv9FJvw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 25
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:19 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: OIAvDlG2L8fTZ0gJhfiEHOU4EysyasSIhVEq0Y42B967E1u1KwH4Tw==

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame D840 1 KB
1 KB 71ms
28ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=81084592684

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

921d14b76eb8113a677cbc8d538cc7591b3fc79336d97c4f5ac7a84a4c5472cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 827

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CC22 15 KB
6 KB 22ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:20 GMT
server-processing-duration-in-ticks: 3947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4FB8 0
170 B 164ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 4FB8 0
27 B 294ms
293ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.08015496761897101
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4FB8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

276ms
276ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 4FB8
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg

2 B
19 B

273ms
273ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=dGAtrr63Dq6LyDwBWCGwYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FDC5 15 KB
6 KB 22ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:20 GMT
server-processing-duration-in-ticks: 4107
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 86BA 1 KB
1 KB 44ms
26ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QXg0YlhTOHJrNSUyRlhMOUUxTTJsZE5HM1N5Mm9tcXkydEFJcmNNSEpBViUyQiUyQkFVTURHWDZxUnI3R1NVSG5veUE5V280QXlFdnJEbkRhT0VPODF5dSUyQjVrQ2VXcWRKQ1pkczZ3JTNEJTNE&cb=33212459764

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a7914f46e3ccfbe8ae813f09c71f9ff2bf87d3109605cc271bdd35ed91de7c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 825

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame DEF1 30 B
271 B 289ms
289ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

sid Show response
mug.criteo.com/ Frame CC22
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QX...
https://mug.criteo.com/sid?cpp=_G-9DHxhTk5VRDFnYngvNU5ialJpRjJ0aW16ekJNbEtFYVlENzNwSVkxUDJuRzM3UFd4Ukp4bFMzNkFBdS8vZFcrc2tTck5NM0wveE1jdlpwQ0VCS3Y4ODBIcXBXQi9OWTN6V2JCTUc4alV6aGZCWmF0Znh1RHdXYWlFS2...

417 B
629 B

19ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_G-9DHxhTk5VRDFnYngvNU5ialJpRjJ0aW16ekJNbEtFYVlENzNwSVkxUDJuRzM3UFd4Ukp4bFMzNkFBdS8vZFcrc2tTck5NM0wveE1jdlpwQ0VCS3Y4ODBIcXBXQi9OWTN6V2JCTUc4alV6aGZCWmF0Znh1RHdXYWlFS2tzbWNUdVR4M3dhaEpjUDB5M21CRG50UjBZampHclNHYUU1Mm9COWR4VmFsSk0wOGxrc2phSjVISmx5NjFseGFlOEJ3RCtmSXJhUTRMM1B3akthN2RDWDV2bk0rcWJ4blB6QUUyYStjbkNObXVoK1ZRNVFCdXIyQ1I2Wk1KanBOZzlUbEo3VGcyQmxEUEFTTlo4ODhZdUJOSE5qM0RLUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

417c42f2898e8d6308a7a50aceec81456a6df6fa1807abb1972d22753ef30824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3634
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_G-9DHxhTk5VRDFnYngvNU5ialJpRjJ0aW16ekJNbEtFYVlENzNwSVkxUDJuRzM3UFd4Ukp4bFMzNkFBdS8vZFcrc2tTck5NM0wveE1jdlpwQ0VCS3Y4ODBIcXBXQi9OWTN6V2JCTUc4alV6aGZCWmF0Znh1RHdXYWlFS2tzbWNUdVR4M3dhaEpjUDB5M21CRG50UjBZampHclNHYUU1Mm9COWR4VmFsSk0wOGxrc2phSjVISmx5NjFseGFlOEJ3RCtmSXJhUTRMM1B3akthN2RDWDV2bk0rcWJ4blB6QUUyYStjbkNObXVoK1ZRNVFCdXIyQ1I2Wk1KanBOZzlUbEo3VGcyQmxEUEFTTlo4ODhZdUJOSE5qM0RLUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1581
content-length: 541
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3151 15 KB
6 KB 24ms
24ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6149
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:20 GMT
server-processing-duration-in-ticks: 3807
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame FDC5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QX...
https://mug.criteo.com/sid?cpp=T31panwxYWdLek5KdUFjeU1wdTJEeThQdkIrSks5TFJYeU1nWWlhSmpZM3J6RUJ4WmhwMVJ1TUxnanEwRzVOMXdGa1lrbzdod3E3STlhOHRJK2tmUlBwOW5uemw0RjlPY0podG5FN24xbHlHRUYwZjdrQ1VUWklJbEtrUT...

428 B
632 B

19ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=T31panwxYWdLek5KdUFjeU1wdTJEeThQdkIrSks5TFJYeU1nWWlhSmpZM3J6RUJ4WmhwMVJ1TUxnanEwRzVOMXdGa1lrbzdod3E3STlhOHRJK2tmUlBwOW5uemw0RjlPY0podG5FN24xbHlHRUYwZjdrQ1VUWklJbEtrUTljMTYwMGpDOEVScFdCNlNYT2hYR1FjaURJd3dMb1o1TlFDeXJvU1hQY0k4S2lJQnk5NkV5Y2FkRVVzVU9Zb2dFWWt1YTRDYk93c1AzSUVzeXJvTkN5d1JIakNJRi93WVFYWnlSR2UrTTR2aUdpYUVqOVdJcHdhUjlBR3BkVk1RdHZhcjZoYjdGZ0hrR0Q3NS9aSDNsNWZOY2YwVnhtZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

24bc6c6c448a9a78eb0f0f9e43f3cc07b70ff435ab8963aaefb8b98cafb8a5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:19 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3650
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=T31panwxYWdLek5KdUFjeU1wdTJEeThQdkIrSks5TFJYeU1nWWlhSmpZM3J6RUJ4WmhwMVJ1TUxnanEwRzVOMXdGa1lrbzdod3E3STlhOHRJK2tmUlBwOW5uemw0RjlPY0podG5FN24xbHlHRUYwZjdrQ1VUWklJbEtrUTljMTYwMGpDOEVScFdCNlNYT2hYR1FjaURJd3dMb1o1TlFDeXJvU1hQY0k4S2lJQnk5NkV5Y2FkRVVzVU9Zb2dFWWt1YTRDYk93c1AzSUVzeXJvTkN5d1JIakNJRi93WVFYWnlSR2UrTTR2aUdpYUVqOVdJcHdhUjlBR3BkVk1RdHZhcjZoYjdGZ0hrR0Q3NS9aSDNsNWZOY2YwVnhtZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1552
content-length: 541
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 86BA 0
209 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ Frame D840 0
209 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3151
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=lIQpyl9UcWpjVG52VExiak5qZHg3dzJ3ZEtZQmNIcTFkTWhsZ2VZVG5aVU0lMkZvQUxlMzltZjNqWDF0QX...
https://mug.criteo.com/sid?cpp=XoQ7v3w2d1BxZTJ2aTFjbEpSYnZ3N3NpQ3cxYWJQak5JYXl6UHdZSFZlSW1lTTh6TTYyelp2NXdCc1FMYmtHbWsvQzRYQUYwcTB1OGpGYUIwcHp0Q01mRWpZZ1MrTGxLTWhMQ0F2NWwvUkN6TURNdWlmR2pNMUdnSkRQUV...

417 B
630 B

19ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XoQ7v3w2d1BxZTJ2aTFjbEpSYnZ3N3NpQ3cxYWJQak5JYXl6UHdZSFZlSW1lTTh6TTYyelp2NXdCc1FMYmtHbWsvQzRYQUYwcTB1OGpGYUIwcHp0Q01mRWpZZ1MrTGxLTWhMQ0F2NWwvUkN6TURNdWlmR2pNMUdnSkRQUVJkWUdUcVMyRmpYTXN2Z0dMWTkwaUhMb1FWNjJhdTF3RExsT0RmNkU0THlDeGpsWi9sMnhaYlZpa2g3ZGVGd0UxbEhPa2J0T1dvQTg3NjZ6VHNOY3IrVnFpYnJJMEpFQjlRUTJqZG5idXUxb2hmcTBkVkxrTTVMUSsybzVMQkxxcEptWTZOem5jekx3Y3hOMnBmWE9TNHNUTGhpYXM2dz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d84f83bf8f6b1c7840c91680eab9faeed0291e9ceb273f1a92a34dd6f45032f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3575
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=XoQ7v3w2d1BxZTJ2aTFjbEpSYnZ3N3NpQ3cxYWJQak5JYXl6UHdZSFZlSW1lTTh6TTYyelp2NXdCc1FMYmtHbWsvQzRYQUYwcTB1OGpGYUIwcHp0Q01mRWpZZ1MrTGxLTWhMQ0F2NWwvUkN6TURNdWlmR2pNMUdnSkRQUVJkWUdUcVMyRmpYTXN2Z0dMWTkwaUhMb1FWNjJhdTF3RExsT0RmNkU0THlDeGpsWi9sMnhaYlZpa2g3ZGVGd0UxbEhPa2J0T1dvQTg3NjZ6VHNOY3IrVnFpYnJJMEpFQjlRUTJqZG5idXUxb2hmcTBkVkxrTTVMUSsybzVMQkxxcEptWTZOem5jekx3Y3hOMnBmWE9TNHNUTGhpYXM2dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1232
content-length: 541
expires: 0

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame A05B 0
37 B 271ms
263ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D840 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:21 GMT

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame B61F 0
37 B 264ms
264ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 86BA 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:21 GMT

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame 9AC7 0
37 B 263ms
263ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&CFFPCKUUID=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 4FB8 4 KB
2 KB 285ms
284ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Mon, 20 Jun 2022 07:37:21 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame D840 10 KB
10 KB 8ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13802&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=503&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 60
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: TGb7Y0GDEQa1UMUqDt7osBSLZ8taGe6KwdoJ6nNewjDvHQl0KV4IrQ==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 862ms
370ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 864ms
372ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45589%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 944ms
452ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 865ms
373ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 867ms
375ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45591%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 864ms
372ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45595%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
215 B 366ms
364ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45599%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 453ms
452ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 6DE8 0
214 B 589ms
587ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 0080 36 B
408 B 289ms
288ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc2547cdda57dbb415e747b977f626150c74dc82c8995c1abdf48925546184c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/ Frame DEF1 0
79 B 1436ms
295ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/pixel?bd=5ab4284c-7222-4470-8b2e-ddb7b5817a6c&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame DEF1 0
187 B 288ms
288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 7CEE 36 B
408 B 288ms
287ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc2547cdda57dbb415e747b977f626150c74dc82c8995c1abdf48925546184c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 4FB8 10 KB
10 KB 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12683&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=965&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 60
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: -O2NNoNO9hnXpH8zpE1fbifn6odYSaR_i2Y6vdVpotwANimLrlV3rg==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 479C 0
214 B 591ms
590ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame BEC0 36 B
408 B 287ms
287ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc2547cdda57dbb415e747b977f626150c74dc82c8995c1abdf48925546184c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 86BA 10 KB
10 KB 7ms
7ms Script
application/javascript 2600:9000:206f:4a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13803&rf=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&n=489&o=1&d=1&b=2&ts=1&ii=2&FPCK=3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 60
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 20 Jun 2022 07:27:20 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: F-unNAMZyGe90DVx-PM-uU2rW1DPlhKMyJNXc4P4OHkngKZXUYUXFA==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 598ms
596ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D43618%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 602ms
600ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45618%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 588ms
587ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45595%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 604ms
603ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45589%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 597ms
596ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45621%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 600ms
599ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45620%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 596ms
595ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45591%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 600ms
598ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D45599%26Tags%3D2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame DDC3 0
214 B 603ms
602ms Image
text/html 54.95.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.78.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-78-196.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame D840 36 B
401 B 286ms
286ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

dc2547cdda57dbb415e747b977f626150c74dc82c8995c1abdf48925546184c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 612D 13 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:26:42 GMT
expires: Tue, 20 Jun 2023 07:26:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA71 783 B
534 B 38ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6ba582790415c2e2c41fb37172b8120116735af5b1766aa867f8f1e52878726

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UWT2EfiEH8TCARtoLUXuiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UWT2EfiEH8TCARtoLUXuiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:21 GMT
expires: Mon, 20 Jun 2022 07:27:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 0080 30 B
278 B 287ms
287ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 7CEE 30 B
278 B 287ms
287ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 612D 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 17:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 17:35:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame BEC0 30 B
278 B 288ms
288ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA71 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=3472745739392403&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 612D 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NwSjhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 0080 0
194 B 289ms
289ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&mp=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/ Frame 0080 0
79 B 1230ms
566ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/pixel?bd=c23fe1b8-4f6b-4d64-bb52-0e56731edff0&t=cf

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/ Frame 7CEE 0
79 B 956ms
294ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/pixel?bd=c23fe1b8-4f6b-4d64-bb52-0e56731edff0&t=cf

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 7CEE 0
194 B 288ms
288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&mp=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/ Frame BEC0 0
79 B 921ms
295ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/pixel?bd=c23fe1b8-4f6b-4d64-bb52-0e56731edff0&t=cf

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame BEC0 0
194 B 288ms
288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO&mp=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ajs.php Show response
ads.eu.criteo.com/delivery/r/ Frame 81E7 141 KB
47 KB 166ms
130ms Script
text/javascript 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoV7nvAo_6dgVvxnCO7Q8Mqw4z-5BXPZHtM9WiJGXQ6gzcKdvrfNVByXiXjsTqBzgYVVvDdPE0Xk1A30R5YhlZ9xlKyKGO7_qn9I7KK5wVYQ8L9ndH2qh9CQTx63bKvN-QCCySJ5BGczrdPyOLHYbT2c92XlDUlYukmbKir5-8DMHMrityCdLJJGEf1YgAJQYX9C66Vw2Mp5eHT-kujPmMBC5Q1JFqN4oB03tFRFNHo-QME369q4VTSb9-xxDXdDQsD86vParCGiRt4KjxdxcHS_zy4tmuMcSbEGBmi3MfIK2pzF1O8jhe0-Qr58zugHu8gMSGm3MU-JDmiKynrNAYb3Ypv6qgit2-g

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

01997c1d0ecece819f707984fc5a5dce6b5632245746998b3a8b7d22b1994a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:20 GMT
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 114389426
strict-transport-security: max-age=31536000; preload;
pragma: no-cache
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 75A6
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

42 KB
43 KB

104ms
23ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:21:22 GMT
server: cloudflare
etag: "6204d912-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHaHPwoUfhTBJGo%2Bomx68hEYDt%2BroCtjQQBUSbxMfjPBaNJ2%2B5PFpzE8hHsEc6QkfCje61yCf5NdHCMr8b4%2BjhI9ccBIbNFRd3%2Bm6DOUU6nmZ6M%2BkNZ8xRiEnIviGFb0FZXZelG4tvBdiMG5oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71e2c8139b750e26-MXP

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 ajs.php Show response
ads.eu.criteo.com/delivery/r/ Frame CDF3 164 KB
51 KB 155ms
155ms Script
text/javascript 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

006540e915dc85d811f239faa16acd17cd7b1f6c426538501988494d93d64739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 132832532
strict-transport-security: max-age=31536000; preload;
pragma: no-cache
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame D840 0
187 B 289ms
288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=c23fe1b8-4f6b-4d64-bb52-0e56731edff0

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/ Frame D840 0
79 B 599ms
295ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net/pixel?bd=c23fe1b8-4f6b-4d64-bb52-0e56731edff0&t=50ef57

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/ Frame 86BA 0
79 B 575ms
296ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/pixel?bd=5ab4284c-7222-4470-8b2e-ddb7b5817a6c&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 86BA 0
187 B 288ms
287ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/ Frame 4FB8 0
79 B 575ms
296ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net/pixel?bd=5ab4284c-7222-4470-8b2e-ddb7b5817a6c&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 4FB8 0
187 B 288ms
287ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL&mp=5ab4284c-7222-4470-8b2e-ddb7b5817a6c

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 dis.aspx Show response
widget.fr.eu.criteo.com/dis/ Frame 438C 5 KB
2 KB 283ms
18ms Document
text/html 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62b021591afff6a99399ece2e04234d9

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoV7nvAo_6dgVvxnCO7Q8Mqw4z-5BXPZHtM9WiJGXQ6gzcKdvrfNVByXiXjsTqBzgYVVvDdPE0Xk1A30R5YhlZ9xlKyKGO7_qn9I7KK5wVYQ8L9ndH2qh9CQTx63bKvN-QCCySJ5BGczrdPyOLHYbT2c92XlDUlYukmbKir5-8DMHMrityCdLJJGEf1YgAJQYX9C66Vw2Mp5eHT-kujPmMBC5Q1JFqN4oB03tFRFNHo-QME369q4VTSb9-xxDXdDQsD86vParCGiRt4KjxdxcHS_zy4tmuMcSbEGBmi3MfIK2pzF1O8jhe0-Qr58zugHu8gMSGm3MU-JDmiKynrNAYb3Ypv6qgit2-g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9796d180e66645b4bd08c077e0f6d68cd37bdb408f8fd9e11c3c0d6cdc8ddd46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3541519
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6949 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6949 0
128 B 58ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3gtnuBErMDoqNvpXbOBziTrAOtHyXDUtz4qVuRrSPEoyxAfrrRb2z5Y4tPHXPntaEW3OJPCgObpk1OykYH8pQEXVm2nHUGu4U906_vwuwXfir536CNJF2iPWP2w0JSRnfK_WjpAdQzINo_yYXsN14yReZ3X5N4gbe5GZ3P7kYlhmSdFveIlBHE1-EXjUTcA-fC3kBs1pyqUYMSv0vvx-rIYbOWTCtcWWJjy6zXZ_yzZHJboUnqa2PdVSQr8yxoqIrrxXUw&sds=2&rev=81817&sendBeacon=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 07:27:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6949 2 KB
1 KB 26ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6949 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6949 308 B
636 B 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6949 293 B
621 B 20ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6949 0
689 B 118ms
105ms Image
text/plain 2600:9000:224a:9c00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655710041
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:22 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: kXvwfXivfdciVYzgQqPEBqa-4apmc1figyCdOU-Q0DVB5SFi9zEPVA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6949 43 B
347 B 185ms
20ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TAC1r4n4VEF2g4Uqc221GMGoCvaYsC7cc7P5u7jCKJvTuA64V-Pj8sH0w3B1rHJuIr8NhJWtDJLAtGQYFV5m6TKFJrpCWftva_FhTUvOCyatlWBUvPehTnbx75CkYfgiIOtGNzYUW05NOaCRN3jEMKtN9t-57ClpwxIT8YMlS9QpmMM7raR5r4JiF93j2byja_wRYSfmB4D3aibiKBv0tQ_26pvF08Qdj33o51RCqbae7hRXWXoDdC-2oibSmyc4NeUya0o6TsJYT0cKY3iBwrWeDJI0Bx_DKKBZhyvMAks8IpbxmVAbWRrlBQQcfkG-M16AZNmw5_SZ8B5cBstbd15DJT8_avcr-6j_rW-EP9EHSc416Cbl0t7Yukai0n2gImWAl-vVjZInwDt86SUhU8XbaAVL_RjwQlkCOkZCU_QnujHaCCR5K7MmaCIn6QoA8_mCGaPgaYYisSuVeKMoss-85q4

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4293859
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 11 KB
11 KB 55ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=CxRtjByjbRtf0nK6cmCwL0fZ

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28662876
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10911
expires: Thu, 18 May 2023 01:21:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 4 KB
4 KB 19ms
18ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoKaufland-e-commerce-167865DE-2203110913.gif%3Feb%3D1&v=3&w=400&s=QPeQ2r_AfmXzl0DTHtkfRMAF&b=400

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1686265
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4002
expires: Sat, 09 Jul 2022 19:51:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 2 KB
2 KB 18ms
18ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoChrono24-GmbH-75008DE.gif%3Feb%3D1&v=3&w=400&s=3BBAM3XMNTbtUpMzRWj01Uda&b=400

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

81e64f849a9e5f775a6aa490191f9b7cd04784e2dd4af7c8b43fbe4546f54d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=972134
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1754
expires: Fri, 01 Jul 2022 13:29:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 874 B
1 KB 24ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSTILL-GmbH-Stammhaus-Hamburg-DE.gif%3Feb%3D1&v=3&w=400&s=EHZkISxVqX31mDccnpXqvwhs&b=400

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

14497ab03c2d2361d93afed4285910b166b548de6fdf1c23967c2b2d027d2d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=44909
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 874
expires: Mon, 20 Jun 2022 19:55:51 GMT

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6949 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6949 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7EDD 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7EDD 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7EDD 308 B
636 B 24ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7EDD 293 B
621 B 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7EDD 0
689 B 146ms
106ms Image
text/plain 2600:9000:224a:9c00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1655710041
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:22 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: IRazIMkEXk8zxfVBXs27jhbuyTCXhKIm6aAcstN1BE7miAU9uhZ-2A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.fr.eu.criteo.com/dis/ Frame A5C9 5 KB
2 KB 225ms
20ms Document
text/html 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.fr.eu.criteo.com/dis/dis.aspx?pu=149517&cb=62b021584f6fe62b211889740dcd3d54

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/ajs.php?u=%7Cs90djooKEGcGBlKV8V4sukvvtFvWQsEoge0LxmCi1Fw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bkU6QbForFm9v0N_A7kkGUbIUKwT571k2C50BNSRRBoQrvN5H_0s3C6_M-ucW0Min85xfwX9Ksdo9lAr3gzHyT0idF0A4RtsTUaaU8VfVZkgsE6niywiWnBAdwKxCxNURngeTzkPqzBhLzQzVzule1lfVcsv4f0fOT-qSUSNH06-37QDL7IpiM5jD5TZpGAgIsP08-3U5dTzpgacEl1s92HCwAQyJOLm_1_JhG7xjfeAdKb0LKVzowTjBAAsy5v5u3HUabHzJMFP5FX2kS0jL7lf3eTsgVw0oPNBIm5-gwvtWZh8aF-E1apwxPNlbwe8MqEmjukKNcE0g-J9E5a1-NWPsEx9ELl3si2WOjVfk7yukI5wcqQfcfSU4Oc8AnNXTJKIPvrd9THw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9796d180e66645b4bd08c077e0f6d68cd37bdb408f8fd9e11c3c0d6cdc8ddd46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:21 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 4731660
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7EDD 12 KB
6 KB 19ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 11 KB
11 KB 24ms
24ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28662876
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10911
expires: Thu, 18 May 2023 01:21:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 4 KB
4 KB 19ms
19ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1686265
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4002
expires: Sat, 09 Jul 2022 19:51:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 2 KB
2 KB 32ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

81e64f849a9e5f775a6aa490191f9b7cd04784e2dd4af7c8b43fbe4546f54d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=972134
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1754
expires: Fri, 01 Jul 2022 13:29:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EDD 0
127 B 17ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=bvmgmhErMDoqNvpXPO0q8YUaFNudaLpNbPr0FI2GtuuY5z97w9M8VrRLoa5vQ4hXebNAG2c0P0YYIMYy_4hOOWYxLS5eDPFIcAvAB3UsrKIdE_mH5MYrZ22WdkKAx_uq9XbaHtJzWzaRv58dJeGDLy40NBh-q7zthXuN2qGxInrpbofXscGYlvS9RWJ0c92t64xKQ7w_KbLkyUDiHj7jjF91apODY9qaJ0VBbByFXB62ePQ_MwryvRPGkX19vD7WLx91sg&sds=2&rev=81817&sendBeacon=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 07:27:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7EDD 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7EDD 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Jun 2023 07:27:21 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 7EDD 43 B
348 B 129ms
20ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LM4yk4n4VEF2g4Uqc221GMGoCvbZKrPsyDEeVlng1rxr9tcCGfeXR4aYSBz6633TAcWMpGzWvYquqxRSh2H6l6i7JCwGX-OpnMq-uhMJTGBmQjNaaNKZazZFjH2OQmU_kMEiZ7BvVpxYhfnMcpoAwrJEevh6-qNLhD1JHbqT7PPouEtqn-WgvWwaAitf2CxrWMoJ8xe9ejBf8gklERKIswslFsnQLoleO1_MSniQqCRSLvj1TMApe5l_jQprsHFcuhyBQFzUhHGv2yrmp1mIhnmGaMLGYXn3p1gp8DeO8uszF5XH4qRGxYzFgMCakcaoC2KcxjRCrlb2Cxr9Oj777HVD_AlI_GoQoM0j5dPv_59Ii-yyBozk1l7nGQZGHRM4vEbVk0wFpE5motAeFFM6yZ64T3DsHo-SgGBIG2hzSEaIrpgauD8LngksLeL9nYXpgIpqWe70e1G98eAsD17Lh5jCp_w

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3804679
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 2 KB
3 KB 32ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FI%2FlogoIntertek-Holding-Deutschland-GmbH-66445DE.gif%3Feb%3D1&v=3&w=400&s=EyAptVuEQJvCPfprWwzBlnmu&b=400

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=794991
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2334
expires: Wed, 29 Jun 2022 12:17:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=3472745739392403&bg=!9_Sl9LDNAAbASn8N4Eo7ACkAdvg8WjvIrI8OTJjYKyXKoq5E8F-ZrUNEbWY9SjWO5UeLnSoLpdnT8QIAAABNUgAAAAJoAQcKAPNUmqhk9_3CmTY6ugbO4FM2TvDdEbjg5HHbeyRVQON9D7Om5HAnFB6BV2Jeof3U1_KGNBMhzCpnySIRn9Enobrv6ZtWr9CNVvxJfqS5ICMr6N-GTX41GJCMg8OknSlp8di-x_gii6ZzzKnDKfpS2O82kIX03yuz0NOExKXx2PO2-NLzjipJkAxWml3ZUDZwIMT6-eNfMI82Q7cZImFWnAUwCfQTygajzF-1EnysJrfBGeouHqCDR27PL3J5tVzJrwCM7W3Rq2TCjHXT_nDDhpTxnVzOBd9UebLkgLoo6bwbp2wEYcqNL87xD6ZY0n2Megj3yjiZAohzNIJnqkusFlTlrin8ktWCuJ48OcZOnU_1HBCi7U34yC8fkyQVra0R8n5E7hS7yzJ2GhIQNDe4EENrSFVLPsi1ebfr_G37ffjfDWBQ6H3Sb5qsNI0TklfUsj1cLLwTd9GjsrDWPqRyz0HC_47Ro4JGZz6Hdq9m57CjBaMSYXKqcRUT36DhtRf77YfVQnTtyNARJMHPPaDs25l0SIer2NJFN5ol_3gqaHCdyHFK2PfJPJ5VXzRHWSgIamoBW2zm7nTOXMQ7yH0fT4xEK5vcREyYJEk8zLPTCHCCBgMrarFPv5Cu4nAfpuADKWRRqXV_4MtjNwtIGxycEAoRRRTf5w_IP2ENo1GqafY71GG_y5-efGvbi4itC8b-1t-MBsT2H0I1EOnwSy6DAS-DCSEUxjWeL5iGz0HUKS9RQ48iA45jv9wGcwxkjdzpQHbfPUczKUZgRZ56B8lGdTaVra1FCW4N946yPf4u-yfUbaqtPLTivekIjFcu9GkJdQYTgdg9VNLIH0fw2otYoMScjGCnqC7kpTUuR2gKbHMwPvo4-Sdi8eNgkHVQXhHGSHflSXzL_eXxdJAJOOYBGGD3wbT8WZv8Kyk-LmWA7jw2c67uKyk5VltTzRzky8pPE_bUXf4eyRdLce2eMZelieX8bOuNYjp66r478A7dExCkwEOOEsgOBbeqXYTlLoUr1GWptFKWM1y9MZu6mPdhBy7AVF0Qt924wZKAyYmmx4rc3anQd-R0nVSuqOI0-ZQGl3DNoLFPTX2-CtEbSRAP68ALlHl2pjtmicsVQ91VLPJUyOZoPZF9Zj1PwY43YhrruOEppQ4CSsLOHhyvDMTVcJ76bCkJLL_7o2l4DtTPtH4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 11 KB
11 KB 31ms
31ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28662876
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10911
expires: Thu, 18 May 2023 01:21:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 2 KB
2 KB 17ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

81e64f849a9e5f775a6aa490191f9b7cd04784e2dd4af7c8b43fbe4546f54d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=972134
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1754
expires: Fri, 01 Jul 2022 13:29:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6949 4 KB
4 KB 17ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1686265
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4002
expires: Sat, 09 Jul 2022 19:51:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 4 KB
4 KB 76ms
76ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1686265
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4002
expires: Sat, 09 Jul 2022 19:51:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 11 KB
11 KB 16ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28662876
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10911
expires: Thu, 18 May 2023 01:21:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 2 KB
2 KB 17ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

81e64f849a9e5f775a6aa490191f9b7cd04784e2dd4af7c8b43fbe4546f54d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:21 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=972134
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1754
expires: Fri, 01 Jul 2022 13:29:36 GMT

GET
H2 200 tp
ad.holmesmind.com/adserver/ Frame 6DE8 0
77 B 231ms
231ms Image
image/png 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/tp?tpid=div-criteo-1007257&tp=criteo&c=0.11307044327259064&p=de13a28f668785ac7e251058ce4eb5d9-13802&t=1655710040
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2CDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_cm&google_hm=ay1DbzBXdnlZUlJCUFhycGJhbG5YY2VNbWhyWkMwSzlia...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

43 B
370 B

172ms
16ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:22 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 956557
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sync
ups.analytics.yahoo.com/ups/58301/ Frame 2CDB 0
0

GET v1
ads.yahoo.com/cms/ Frame 2CDB 0
0

GET pixel
adx.dable.io/ Frame 2CDB 0
0

GET seg
secure.adnxs.com/ Frame 2CDB 0
0

GET seg
ib.adnxs.com/ Frame 2CDB 0
0

GET tap.php
pixel.rubiconproject.com/ Frame 2CDB 0
0

GET cksync.php
contextual.media.net/ Frame 2CDB 0
0

GET xuid
eb2.3lift.com/ Frame 2CDB 0
0

GET cookie-sync
sync.outbrain.com/ Frame 2CDB 0
0

GET /
s.ad.smaato.net/c/ Frame 2CDB 0
0

GET /
sync.aralego.com/idSync/ Frame 2CDB 0
0

GET um
criteo-sync.teads.tv/ Frame 2CDB 0
0

GET sync
x.bidswitch.net/ Frame 2CDB 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 2CDB 0
0

GET /
rtb-csync.smartadserver.com/redir/ Frame 2CDB 0
0

GET match
ad.360yield.com/ Frame 2CDB 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame 2CDB 0
0

GET /
cs.adingo.jp/sync/ Frame 2CDB 0
0

GET c.gif
c.bing.com/ Frame 2CDB 0
0

GET spp.pl
sp.analytics.yahoo.com/ Frame 2CDB 0
0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 75A6 975 B
882 B 24ms
14ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6664
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9DWgMYY0wusTYphE5RtnXq0wAbVOZjNvlM0COk%2FzooMxUDWwMAjweLhkxGsmZvVFxKqCXIbUyOo4U7GvftGpQRFYISBee%2FAraSxo2tD6FuPTGu8toGO%2FEPhzgRT6Fn25cgiTJJ5tHCMIISRcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 71e2c813ef6b9b8f-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 75A6 46 B
486 B 389ms
93ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Catonsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 429432ae1f604701ee0a82b70cbdf778789f68955f40f3ba10ea1121ee743055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:22 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 75A6 553 B
1 KB 343ms
152ms XHR
text/html 199.115.117.82
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&adid=ad-772A83DE72BEEAE6F2668A9E7A3B9AB&w=970&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9936545257325211&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=970%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.115.117.82 Oakton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: d5bdbd2b5059b1b2f8c1f9ed994af05e0c97c9d55d30fcbde876229ab1492d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:22 GMT
X-Width: 970
X-Height: 250
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource: PSA
X-Adtype: html
Connection: close
Access-Control-Allow-Credentials: true
Content-Length: 553
X-AdStyle: banner

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9F51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_cm&google_hm=ay1DbzBXdnlZUlJCUFhycGJhbG5YY2VNbWhyWkMwSzlia...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

43 B
370 B

183ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:21 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1334759
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Co0WvyYRRBPXrpbalnXceMmhrZC0K9biDpKFxQ&google_gid=CAESEDW9u9AFKANkpa8QvGdt1rg&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sync
ups.analytics.yahoo.com/ups/58301/ Frame 9F51 0
0

GET v1
ads.yahoo.com/cms/ Frame 9F51 0
0

GET pixel
adx.dable.io/ Frame 9F51 0
0

GET seg
secure.adnxs.com/ Frame 9F51 0
0

GET seg
ib.adnxs.com/ Frame 9F51 0
0

GET tap.php
pixel.rubiconproject.com/ Frame 9F51 0
0

GET cksync.php
contextual.media.net/ Frame 9F51 0
0

GET xuid
eb2.3lift.com/ Frame 9F51 0
0

GET cookie-sync
sync.outbrain.com/ Frame 9F51 0
0

GET /
s.ad.smaato.net/c/ Frame 9F51 0
0

GET /
sync.aralego.com/idSync/ Frame 9F51 0
0

GET um
criteo-sync.teads.tv/ Frame 9F51 0
0

GET sync
x.bidswitch.net/ Frame 9F51 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 9F51 0
0

GET /
rtb-csync.smartadserver.com/redir/ Frame 9F51 0
0

GET match
ad.360yield.com/ Frame 9F51 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame 9F51 0
0

GET /
cs.adingo.jp/sync/ Frame 9F51 0
0

GET c.gif
c.bing.com/ Frame 9F51 0
0

GET spp.pl
sp.analytics.yahoo.com/ Frame 9F51 0
0

GET v1
ads.yahoo.com/cms/ Frame 2CDB 0
0

GET v1
ads.yahoo.com/cms/ Frame 9F51 0
0

GET
H2 200 tp
ad.holmesmind.com/adserver/ Frame DDC3 0
77 B 240ms
240ms Image
image/png 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/tp?tpid=div-criteo-1007257&tp=criteo&c=0.11774471402168274&p=a49316f9f56c065bdf1aeca90f26056b-13803&t=1655710041
Requested by: Host: reurl.cc
URL: https://reurl.cc/main/tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0B8D 117 KB
39 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeaf412870e7cdb2c530807f5560acde2e1fcbd97332822ad4eee13946fc4f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39762
x-xss-protection: 0
server: cafe
etag: 4617726372091098334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:27:22 GMT

GET spp.pl
sp.analytics.yahoo.com/ Frame 2CDB 0
0

GET spp.pl
sp.analytics.yahoo.com/ Frame 9F51 0
0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/ Frame 0B8D 340 KB
120 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068062

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e73265552f1deeca1fb17f5bf9545dd3ea7e59204d9544ba6ceba6906abf51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122718
x-xss-protection: 0
server: cafe
etag: 12883832275741164298
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 07:27:22 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 9151 714 B
844 B 14ms
14ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 5591
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71e2c8165bb89b8f-FRA
content-encoding: br
content-type: text/html
date: Mon, 20 Jun 2022 07:27:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUbqjUw6TJYLP2qzvJYwVkBKE8vtz6E4HhwVeqDoCBLTcMKEyw6V6WaWKYr2x%2FkulZM8RRX7YjiCDo1D4CLYYayU64qZgMitxnlkX%2FZxgFld%2FiH1ibQL0lfo%2FGWvh5KM2Q%2FIIGPok5iOyMUOIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 75A6 35 B
384 B 281ms
96ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Catonsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:22 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9151 81 KB
28 KB 44ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

6e0f46061c009a75898559222cd3712d89812a97628c4363eab0223d8d11cbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27884
x-xss-protection: 0
server: sffe
etag: "1250 / 996 of 1000 / last-modified: 1655503484"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Jun 2022 07:27:22 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0B8D 12 B
53 B 29ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4485239425924787&plah=reurl.cc&bust=31068062

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0B8D 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B8D 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35B8 20 KB
10 KB 367ms
367ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56abe56ede88bc850a5067cc8318bddcb361f49ccc7c795c559d534f5f55bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10025
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022061301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9151 370 KB
125 KB 22ms
7ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 16:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128384
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 08:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Jun 2023 16:35:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9151 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9151 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9151 307 B
157 B 48ms
48ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4186727608017631&correlator=1341626579059503&eid=42531607&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220620&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655710042779&lmt=1644386353&dlt=1655710042629&idt=126&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=nb6y1un7mi8l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=200864745.1655710043&ga_sid=1655710043&ga_hid=260185924&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4be1e5166335df4f2182f77ff1e088e0936f756b01d2da47e43a690bd046106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E06C 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:22 GMT
expires: Tue, 20 Jun 2023 07:27:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9151 14 KB
10 KB 20ms
20ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf06b6a45503587a395d08400daa66153045a9877a06a360cb8557e79995c804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10700
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9151 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 07:27:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8206 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:26:42 GMT
expires: Tue, 20 Jun 2023 07:26:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2964 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65f6ab60d99743bc5739cd80bb2c2451e60dd276bd9479459aad95ce33c1463b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m2lcqbj6JEBrIr680SxEaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-m2lcqbj6JEBrIr680SxEaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:22 GMT
expires: Mon, 20 Jun 2022 07:27:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8206 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 17:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 17:35:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2964 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061301&jk=4186727608017631&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 6949 0
127 B 18ms
18ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8206 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ag3TFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EDD 0
127 B 18ms
18ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 07:27:22 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E19 624 B
297 B 21ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiT6czLATAB&v=APEucNW7m-v77iU2uFOvt2cvsd55pJTc-5bOf7yQtkX5tDm8__LH4VlyGEAvu6UKAtc1EZFA03UqFacLaAoYfljPWRTUhMwICl0dGaeYBh5O1k8P5N19u1BrbKptgmZ86jxer65FiixGrt98BnVAS0l4hSwyn-rxxYH_aarasVeauy_fw-GYZI8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 928F 82 KB
33 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSiqiupIjrUdUQfI9xRG25hQTpUefoe4l_3ifFod2qDFVwil4ouh0jsi6El0WklkI529la_4o9VY6ztFOembzn9mwxoKy3m63md4GgPgaTMukffV6A9bQnZxh8BgVndLE8zp6P-oyB1MlgbPViOXqu3pLggg&dbm_d=AKAmf-Cmowf7DCFRkCvQCdKhnEetsf2rVcOODTIXGOPopWXzmCxcs1-wHCfWG8dVVta_od8AcBJdSFTA0T2UtZK5h-dSweh38opOTPkfRyDhVI852bPDPoK4cIeuabCmj1MOkt5hYHDZcI24xoQkK44O7tb4DNZSiDnqtLPQc6K2LuODEq5UNOpcKuvbFCJyWIYOvL7nEIPe6_oXAxPRlHp20Y8DPIqF-mi6IGTela7sQ-A6cZQyUH7zucHy_I6RsZEeXPLnoZfEKinQVQNsoeYETr4wlvHMuenLXSUPubKTBuNsgKYrGKzoazXQgDY_nwpRjBNn1LKib9m0hAKH9Lisnk9ilR1DCfcAQQD-044PohY-V79cIiyYsU0Xscj2aif9vCcOlSYjX2vmaFHEKn_ikpa7FLjfBwhX_qywcUZq1lNiMtVjLC-M03RDo2JWPUCAl-nrPZDPT6n9QzGIWV7Y9olacLtXU7TYZVnum-hWwvadTE_qmjQUQHhTXk44Q7S4vLVswGMrS2cm_Drrx97Vj6GN4DwepcQk2eLSdt1q8Vh_gLbpX0tulm465zNBu7PWdGs6TBruLZK1vpoEsNCLP5VcjkzipXNp9tg1UMduKcJnRLCXNn_DXb4AysVuq1G7uGb-DjlYeWSBIYTSe36kSzTPA3tgm_VlJHkof8WQjjRMXuOVOQJAY-im5ZgtoCTkrrAwGrOlNQBn9-lW6imclkt6gGVB03pp1pRYXOnZVC_9bGH092vsUnCz8qt21guhqHHLhJN8Rxyk_bdco6TsH6o7MmyuZ_D8kn5zKPsFrI3-dUzlcgpaXOCnoHQBDfqtV53_Y-zq2u1Nq-Pi9lZ_vVaR0anlD9eIiG7YVp_EGBkT7jNDafpYfEHlT7wfwYMFBdWhWTOKpL5EIElfHFF5TPGOVYLfqVwZypMpjuGVlu5YY1emsT8mATqZ-asdDvYXmWXp7CDLBOqK5TYN3kunq4gJM6_s5DlpEmbdSdZSgiyB01W-Zplv4fbZQZbxKFZFUaWOdhlBMP2togQHKT1Cozv_GtVXh80BjpxPrscbv1f5w9N2BcIdihZxvSP5GoyJxkJ-Pe4fi_TztGt3mQcYIiys0cC9KrHjAB2fuwo8Zlr0QxT3wI37nlcsjF5g1_rxX_9WeYQ3Yfp2SOkGS0DaC6-Ml0vfGoFRzLfI75ClAxr2douOX3-P62DrW4UNvXdYYFdzL8mo2H5y-diSTo5DQGc61hktS2q0cYoWwKe22Icj-zt4jMbyvj7t1yWdPZQE2-pKXy9SBxTmsGjFi1MKOSbqvNmJ5paoeUeOeTYmt02dZ2r2JdUp_bV_-wPPidsVYbBnrimrRO8OPj-4ts0OvGQAzXZTtaZL8LF3msILXEVTXqExkWEqBz0KCSsYEd8VK34V8txP5VnEhL_64SXUvmbmaF0NmkwkUBfYeN-P-MFLxURu_X7lVm4ai5rtjH-WMhzJf27jvf42oAHfoAbuIN57s_Bmz1bpSUncx44_-M3naCaI1oT0hpfjAa32t_ayHqjroiezvH-nA4Zg29hPidX7_Olm-KbEi2NUTeANV1Wxidjt27ptuvq227dedOgpydaP8Lo_3yBBz1g5STjCLUAsSPhjQuOa3LlKQZEYF3gifRCDXXR-Yh7tkiDzQIVIlPfHvltrW6q3Hcz1tzn4etV6x3cWTaTX6pdFvM740hq1pvRh7_Ql_ofwd1wAmFwpB1l_e50N1bwx4_kADS4IFkY-Jeq361x-64xX5E28uScTWaE00RZW-QWKoZkkqPRSmaNlQ-p10KAbumBaUPHvyYOzjJNYtH8VuqrV_yYVFLzlhwoBxF1SzoHZXnTl5xUXSO5047a4BpeLI1d2EWRJ4liuKbc8JJcaUULNXEVjDzqDcCtfqqPDHITjoVc4sY0ad0XQq2giEad67a1L8jY5-i0UBMrXKZd3Q5k-AK0jrgH08wV0STYe7jk3x1rbM6jqo5y7djD0prj58XwpIz9y2mZ87KPL2K1IVB2UtPaIT-y7iADHp_8QcJBulrNSqR-CfBbkmdZyMrC4t6EQs-v_JZxIz5GEXkWC2is15A2YZaVxKJg5OF2b9zkiduGJwAbLWPjFOjD44Q6ios7cSH8-joyLMrlO-mdSVV5n2IY5pcaxbf-TjiX0fDugcHZjRoXxVIFQ58p7Xg9ttKBu90G2Hf0w8ZRWeo9Zg5O07XkZu9J3bS7DGJJ3Jlk8Taniik5bo01r0rmBAZ121f_e64X6DOF1KuLTA1Vaj7zLGmB8NU_gyGqKEAjdtzASxAisSBf6tlivBkc6DWxe_u0FB0BnKVkC_1z6K8BG4mYLMowcWN229OJ51DmvgpwIG30N1eeyZRP6hm3sKvXHZCLfZBLVVvx2nRFsUfpWEcEdtPe-R5oQQGJXy5215xwFMxMKrCUPB67F099foFvPB6m0DYIFGuUQjKO1HIm9t8tNDbuU6gUMNSkcVnxduOukYkGr0Nau3ySHXsoFIXF9HVyH3TdgGqSXyKo8lsdtem_lRAnpifzKnF_MbheMtwNIcWpzEyaRFPuSW5XITyMpnay8zRULLotCTfU3b5ZvjzZHYoqwsL1IMiTegxASZGyl6eELjmuf9ukGbWVZzw9UtMm6otNoyN4aEG0m3bu3qvOBW15TxCX20OFC4e5bMXtuonsZsG_hRSOoT093nHgT7qBAIgxaNkKH5hu8TwKJofKLmCCQkdHFwu9pe-yKZpJzMMQ8x0WUIiSzhedWRecM_PP-Qj0hN6ok8Y0gZ8aFxna0Os_Krw4UbXG3wR6Nk8H-Ar58S16ignKnWwmj16JE5Qv13zjj5ERD-kL-RIu4SRPGrT3TRWl05BVTpy1v7XTJpDQeK1mqWq5-6Z3XWoPBzutzAZpGbCLm0yLT0xZhQSUM13RWYDg4faXz3hcE4XWREhiM9jZcEdWbpyCtdC0QRWD1vDWNx-uOPWuxMQDVYMlP4npYZ8O7MPaWOrmbm1FkXIwVUzIOE3mVMrswyLu0ICKAoWNUlA43e1HTstlQjl2oRfQcgK8wa4Rgbqybzh3yJdRfWEWG6yPUz0DCguTUnienhebhh8mEW5BM4AyTTsWQCxN_jsjB1o5GPbUrKvK9guTocnUzusW2Pym14JAEUR8DyB9nzd0Y7OXI2JLkjQolXir8wLbMLmlZ5vTRti-7b48v3CxnjhrgIx0iJxrpHpIB4Jt7ZcVhmYHV9MbTv0FeAWtiTukIJAC8zV6KYavtASiALILJSg6BvN3yLcEZBgbFwcJI_OobDAiQzQ&cid=CAASJORoqf4umKhjYxKKoU4RZmGDBkcvA-wPd8-bEfH9eD2Zj4pfcQ&rfl=7%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73773840925293748cdbf794e0d346c6cb0163c213b751147e1fe6b4d3cec9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 928F 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:22:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 07:22:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 928F 137 KB
43 KB 152ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 07:27:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 928F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 07:22:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 928F 0
0 14ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkRR60dxcN5zIAJh1nleNhMphRAFcsToa65_0nUru15pVhYePTXv3Wa5fDJlr8zgYDhO62X2ym9Zh4nijpCOJ4TBzeAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928F 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ak3zPZ1fD9NLotvgRKGoGfSApXc9j83qTaURM8ekXYgZfw9bOiuxvp4EAtyqsefJJ13CJ2kwXdT4AVLMxIOncZAxJEH1Z6awxBRXofrp_SxURhvUk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5E19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1&C=1

43 B
783 B

16ms
16ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiT6czLATAB&v=APEucNW7m-v77iU2uFOvt2cvsd55pJTc-5bOf7yQtkX5tDm8__LH4VlyGEAvu6UKAtc1EZFA03UqFacLaAoYfljPWRTUhMwICl0dGaeYBh5O1k8P5N19u1BrbKptgmZ86jxer65FiixGrt98BnVAS0l4hSwyn-rxxYH_aarasVeauy_fw-GYZI8
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 07:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Jun 2022 07:27:23 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 07:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Mon, 20 Jun 2022 07:27:23 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5E19
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrAhW9IDRHAg1JafojdYaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1

43 B
783 B

16ms
16ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiT6czLATAB&v=APEucNW7m-v77iU2uFOvt2cvsd55pJTc-5bOf7yQtkX5tDm8__LH4VlyGEAvu6UKAtc1EZFA03UqFacLaAoYfljPWRTUhMwICl0dGaeYBh5O1k8P5N19u1BrbKptgmZ86jxer65FiixGrt98BnVAS0l4hSwyn-rxxYH_aarasVeauy_fw-GYZI8
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 07:27:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Jun 2022 07:27:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBY3tDtc6pTSkh7K7AKfIIA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5E19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLwBXYofLPsyvxV97dQBos&google_cver=1

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBLwBXYofLPsyvxV97dQBos&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiT6czLATAB&v=APEucNW7m-v77iU2uFOvt2cvsd55pJTc-5bOf7yQtkX5tDm8__LH4VlyGEAvu6UKAtc1EZFA03UqFacLaAoYfljPWRTUhMwICl0dGaeYBh5O1k8P5N19u1BrbKptgmZ86jxer65FiixGrt98BnVAS0l4hSwyn-rxxYH_aarasVeauy_fw-GYZI8

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 07:27:23 GMT
X-Proxy-Origin: 146.70.117.120; 146.70.117.120; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58cc4fae-287b-4a4f-99f6-d61712c2c15d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBLwBXYofLPsyvxV97dQBos&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E19
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTg1NDg3NDczNTEzODk3OA%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTg1NDg3NDczNTEzODk3OA%3D%3D

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Jun 2022 07:27:23 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.120; 146.70.117.120; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7bd7a78c-e48d-480e-95a0-19531b12f0e1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0OTg1NDg3NDczNTEzODk3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 928F 170 KB
59 KB 65ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 23:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 23:04:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 928F 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSiqiupIjrUdUQfI9xRG25hQTpUefoe4l_3ifFod2qDFVwil4ouh0jsi6El0WklkI529la_4o9VY6ztFOembzn9mwxoKy3m63md4GgPgaTMukffV6A9bQnZxh8BgVndLE8zp6P-oyB1MlgbPViOXqu3pLggg&dbm_d=AKAmf-Cmowf7DCFRkCvQCdKhnEetsf2rVcOODTIXGOPopWXzmCxcs1-wHCfWG8dVVta_od8AcBJdSFTA0T2UtZK5h-dSweh38opOTPkfRyDhVI852bPDPoK4cIeuabCmj1MOkt5hYHDZcI24xoQkK44O7tb4DNZSiDnqtLPQc6K2LuODEq5UNOpcKuvbFCJyWIYOvL7nEIPe6_oXAxPRlHp20Y8DPIqF-mi6IGTela7sQ-A6cZQyUH7zucHy_I6RsZEeXPLnoZfEKinQVQNsoeYETr4wlvHMuenLXSUPubKTBuNsgKYrGKzoazXQgDY_nwpRjBNn1LKib9m0hAKH9Lisnk9ilR1DCfcAQQD-044PohY-V79cIiyYsU0Xscj2aif9vCcOlSYjX2vmaFHEKn_ikpa7FLjfBwhX_qywcUZq1lNiMtVjLC-M03RDo2JWPUCAl-nrPZDPT6n9QzGIWV7Y9olacLtXU7TYZVnum-hWwvadTE_qmjQUQHhTXk44Q7S4vLVswGMrS2cm_Drrx97Vj6GN4DwepcQk2eLSdt1q8Vh_gLbpX0tulm465zNBu7PWdGs6TBruLZK1vpoEsNCLP5VcjkzipXNp9tg1UMduKcJnRLCXNn_DXb4AysVuq1G7uGb-DjlYeWSBIYTSe36kSzTPA3tgm_VlJHkof8WQjjRMXuOVOQJAY-im5ZgtoCTkrrAwGrOlNQBn9-lW6imclkt6gGVB03pp1pRYXOnZVC_9bGH092vsUnCz8qt21guhqHHLhJN8Rxyk_bdco6TsH6o7MmyuZ_D8kn5zKPsFrI3-dUzlcgpaXOCnoHQBDfqtV53_Y-zq2u1Nq-Pi9lZ_vVaR0anlD9eIiG7YVp_EGBkT7jNDafpYfEHlT7wfwYMFBdWhWTOKpL5EIElfHFF5TPGOVYLfqVwZypMpjuGVlu5YY1emsT8mATqZ-asdDvYXmWXp7CDLBOqK5TYN3kunq4gJM6_s5DlpEmbdSdZSgiyB01W-Zplv4fbZQZbxKFZFUaWOdhlBMP2togQHKT1Cozv_GtVXh80BjpxPrscbv1f5w9N2BcIdihZxvSP5GoyJxkJ-Pe4fi_TztGt3mQcYIiys0cC9KrHjAB2fuwo8Zlr0QxT3wI37nlcsjF5g1_rxX_9WeYQ3Yfp2SOkGS0DaC6-Ml0vfGoFRzLfI75ClAxr2douOX3-P62DrW4UNvXdYYFdzL8mo2H5y-diSTo5DQGc61hktS2q0cYoWwKe22Icj-zt4jMbyvj7t1yWdPZQE2-pKXy9SBxTmsGjFi1MKOSbqvNmJ5paoeUeOeTYmt02dZ2r2JdUp_bV_-wPPidsVYbBnrimrRO8OPj-4ts0OvGQAzXZTtaZL8LF3msILXEVTXqExkWEqBz0KCSsYEd8VK34V8txP5VnEhL_64SXUvmbmaF0NmkwkUBfYeN-P-MFLxURu_X7lVm4ai5rtjH-WMhzJf27jvf42oAHfoAbuIN57s_Bmz1bpSUncx44_-M3naCaI1oT0hpfjAa32t_ayHqjroiezvH-nA4Zg29hPidX7_Olm-KbEi2NUTeANV1Wxidjt27ptuvq227dedOgpydaP8Lo_3yBBz1g5STjCLUAsSPhjQuOa3LlKQZEYF3gifRCDXXR-Yh7tkiDzQIVIlPfHvltrW6q3Hcz1tzn4etV6x3cWTaTX6pdFvM740hq1pvRh7_Ql_ofwd1wAmFwpB1l_e50N1bwx4_kADS4IFkY-Jeq361x-64xX5E28uScTWaE00RZW-QWKoZkkqPRSmaNlQ-p10KAbumBaUPHvyYOzjJNYtH8VuqrV_yYVFLzlhwoBxF1SzoHZXnTl5xUXSO5047a4BpeLI1d2EWRJ4liuKbc8JJcaUULNXEVjDzqDcCtfqqPDHITjoVc4sY0ad0XQq2giEad67a1L8jY5-i0UBMrXKZd3Q5k-AK0jrgH08wV0STYe7jk3x1rbM6jqo5y7djD0prj58XwpIz9y2mZ87KPL2K1IVB2UtPaIT-y7iADHp_8QcJBulrNSqR-CfBbkmdZyMrC4t6EQs-v_JZxIz5GEXkWC2is15A2YZaVxKJg5OF2b9zkiduGJwAbLWPjFOjD44Q6ios7cSH8-joyLMrlO-mdSVV5n2IY5pcaxbf-TjiX0fDugcHZjRoXxVIFQ58p7Xg9ttKBu90G2Hf0w8ZRWeo9Zg5O07XkZu9J3bS7DGJJ3Jlk8Taniik5bo01r0rmBAZ121f_e64X6DOF1KuLTA1Vaj7zLGmB8NU_gyGqKEAjdtzASxAisSBf6tlivBkc6DWxe_u0FB0BnKVkC_1z6K8BG4mYLMowcWN229OJ51DmvgpwIG30N1eeyZRP6hm3sKvXHZCLfZBLVVvx2nRFsUfpWEcEdtPe-R5oQQGJXy5215xwFMxMKrCUPB67F099foFvPB6m0DYIFGuUQjKO1HIm9t8tNDbuU6gUMNSkcVnxduOukYkGr0Nau3ySHXsoFIXF9HVyH3TdgGqSXyKo8lsdtem_lRAnpifzKnF_MbheMtwNIcWpzEyaRFPuSW5XITyMpnay8zRULLotCTfU3b5ZvjzZHYoqwsL1IMiTegxASZGyl6eELjmuf9ukGbWVZzw9UtMm6otNoyN4aEG0m3bu3qvOBW15TxCX20OFC4e5bMXtuonsZsG_hRSOoT093nHgT7qBAIgxaNkKH5hu8TwKJofKLmCCQkdHFwu9pe-yKZpJzMMQ8x0WUIiSzhedWRecM_PP-Qj0hN6ok8Y0gZ8aFxna0Os_Krw4UbXG3wR6Nk8H-Ar58S16ignKnWwmj16JE5Qv13zjj5ERD-kL-RIu4SRPGrT3TRWl05BVTpy1v7XTJpDQeK1mqWq5-6Z3XWoPBzutzAZpGbCLm0yLT0xZhQSUM13RWYDg4faXz3hcE4XWREhiM9jZcEdWbpyCtdC0QRWD1vDWNx-uOPWuxMQDVYMlP4npYZ8O7MPaWOrmbm1FkXIwVUzIOE3mVMrswyLu0ICKAoWNUlA43e1HTstlQjl2oRfQcgK8wa4Rgbqybzh3yJdRfWEWG6yPUz0DCguTUnienhebhh8mEW5BM4AyTTsWQCxN_jsjB1o5GPbUrKvK9guTocnUzusW2Pym14JAEUR8DyB9nzd0Y7OXI2JLkjQolXir8wLbMLmlZ5vTRti-7b48v3CxnjhrgIx0iJxrpHpIB4Jt7ZcVhmYHV9MbTv0FeAWtiTukIJAC8zV6KYavtASiALILJSg6BvN3yLcEZBgbFwcJI_OobDAiQzQ&cid=CAASJORoqf4umKhjYxKKoU4RZmGDBkcvA-wPd8-bEfH9eD2Zj4pfcQ&rfl=7%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 07:26:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 928F 27 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10546
x-xss-protection: 0
server: cafe
etag: 1672864604874404814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 07:26:52 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 928F 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 13:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 13:31:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1347 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 21 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5777 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 07:55:00 GMT
expires: Thu, 15 Jun 2023 07:55:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1347
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAaez5iXEiUDaFJrj-UsvGE&google_push=ARnp8GBKgpRDy0b62pxXGPxCU3V4xoaELhiOAud4bcz1hQe-Ofe1K-Ycig...

170 B
188 B

19ms
19ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAaez5iXEiUDaFJrj-UsvGE&google_push=ARnp8GBKgpRDy0b62pxXGPxCU3V4xoaELhiOAud4bcz1hQe-Ofe1K-Ycige9Q-6ukkzrKiQHNbKksNTcs-Ry4oMt3SK-8vWRpHc

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1655710043.249555,VS0,VE90
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAaez5iXEiUDaFJrj-UsvGE&google_push=ARnp8GBKgpRDy0b62pxXGPxCU3V4xoaELhiOAud4bcz1hQe-Ofe1K-Ycige9Q-6ukkzrKiQHNbKksNTcs-Ry4oMt3SK-8vWRpHc
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1347 70 B
265 B 106ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH0vK2KTihy7dhXBpx6Ky8M&google_cver=1&google_push=ARnp8GDFHkd3ia4uV4AS0j7DyEmhciJYL3IYOpXTJqV-4Q9iBMwBaZiQJZQlQUG7GKAaEmnCuVXnkWMU99VJeVYHoXYqKjVgoA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1347
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDU...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE2NzA3NjI0MzU4MTU2Mjc4Mw&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvP...

170 B
188 B

20ms
20ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE2NzA3NjI0MzU4MTU2Mjc4Mw&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuynvyOg4EWsNjQ3raWvg

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE2NzA3NjI0MzU4MTU2Mjc4Mw&google_push=ARnp8GCQHuUETohN3CBHcaz_wAZj2zCVvUHQGnj5OoOeEQBujrig-w-_ecIxlRWnaKg1-kScRDUNvPuynvyOg4EWsNjQ3raWvg
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1347
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2B...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ0Db72XHIYmsHNOyZBwAzk&google_cver=1&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8c...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MDEzODc3MjMxMjc2ODc1Nw&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS...

170 B
188 B

20ms
19ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MDEzODc3MjMxMjc2ODc1Nw&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2BCJgmD44zbuSSKIKnuw

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY3MDEzODc3MjMxMjc2ODc1Nw&google_push=ARnp8GC94bYiIGf2H0kVBNpJeNeK0iHVhY34R0Pf-IMrlwc70Awmyds8mMuJeT45fQtfz03Dg8cHdS2BCJgmD44zbuSSKIKnuw
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1347
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPdxISZGyIvjiD-d5gZjAPs&google_cver=1&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9K...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9KdxcKnxvSeplYKWc

170 B
188 B

20ms
19ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9KdxcKnxvSeplYKWc

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtLsclkaFWhndAF0UAvGhrcC_eIcgOMrNwVs3y3aaUHu2jleO56MMhIdRLKeZQvnpPNVGWDY7bSd9KdxcKnxvSeplYKWc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1347
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHjbmJV1HzlvB_MkS-MAqMU&google_cver=1&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg&...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyMzkzNzQ1NTI0NTEyOTk3MzY2MA%3D%3D&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnoh...

170 B
188 B

20ms
20ms

Image
image/png

142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyMzkzNzQ1NTI0NTEyOTk3MzY2MA%3D%3D&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg

Requested by

Protocol

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQyMzkzNzQ1NTI0NTEyOTk3MzY2MA%3D%3D&google_push=ARnp8GCq7GpvOyRzGo8RGR9sNKp15K4eBehqZa4lWrOeniOrUKGFrnohbm8RNfwBy-WuSQpz-F6Kb1xTR34KaXYhd59HoRsrcg
date: Mon, 20 Jun 2022 07:27:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 1347 0
75 B 115ms
24ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHTAdmrAxxor0L2NdjxyU58&google_cver=1&google_push=ARnp8GC5yTiqeuhoncYPwXugv3jvcm3j-jXo0Q1xXxo5dSDWKisTev7ji3XgApyTlUfpy5rq6cK-IRhyK-_tF2oAB5g3LIYbDQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12683&adk=2922729533&adf=2645242779&pi=t.ma~as.2784%2F12683&w=970&url=https%3A%2F%2Freurl.cc%2Fmain%2Ftw&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655710042600&bpp=11&bdt=390&idt=75&shv=r20220615&mjsv=m202206150101&ptt=5&saldr=sa&cookie=ID%3D52b8e7cecdccc2c1-22afdbc3b6cd0060%3AT%3D1655710039%3ART%3D1655710039%3AS%3DALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw&correlator=158423130175&frm=23&ife=1&pv=2&ga_vid=373935847.1655710039&ga_sid=1655710043&ga_hid=1799351960&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=956&biw=1600&bih=1200&isw=970&ish=250&ifk=3294055689&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068062&oid=2&pvsid=1515047525666438&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sv1zl0mbtivo&fsb=1&dtd=89
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:22 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1347 0
12 B 18ms
17ms Image
text/html 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv6TjT-wVcW1-Md1JlBYkI75xIXSEyhinUO1hpwShTvQE8ko8CRVgpM_4Hidh0AVkoLEGT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5777 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 17:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 17:35:00 GMT

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/1132308612429905920/ Frame 9DC7 47 KB
11 KB 30ms
16ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aaa8cf1bbdb357b02e2a5ad848ada5743e73e3be3a98dc8d62eb4c6c5ee955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:23 GMT
expires: Tue, 20 Jun 2023 07:27:23 GMT
last-modified: Fri, 22 Apr 2022 08:43:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 928F 0
622 B 63ms
28ms Ping
image/gif 142.251.36.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8d7uNEU0wFj8bbkwGIaSRKUPnpoAJLRHbPo5h6E80YMxTNY_fFrXW6ps6n44zxnD6-tCbzMC1Lx9uVLfBAvK3Y2EvFODIYbN8QEDQvWoLai01giLBV9ISJ0wAdV_IMTfv33N1vyRpSA3SF50aUbhWw2UMlVqI0DBykUOEDtBVuTgp1A8HPgPCcch8Y_6VAi1mD-aBL1hycbqYKsgseSvYdwPG0S360Pj1oKFlEXKHXR6U_e2AOnCh2jHE8HTbWu-t88PuKpk67qiCm5CFfjSka8DMzNNqpjyXRisLOZe4xtDDOSkaP3FkNLQThnp_bsfn_N8Tg4v3LpTOcP-KxYJ_sXciuRExlYWw23Fpdb2O0hDVB9AXSZZOGyUA0goDCQqqGWxkB3uqicJ0KqpUzQb1mz2rc0b2OqBWmIysLCazOAudmPhF49KvS6nWMicxxx5w5V_wnuDJLWvNz8O1o9zbEWqGVqzTwVDB3WZUT0QbOUl3k3ebxTW0CGif_YG7WSov3F6Y94A3y8KgNfRyNuHq9D2PuFgvMRxSaaDZMXzTjBM5vtjZnCZg4QATFwaBxbNa9Mmh6TBmeVUG9HDDYUGwMYcGYantzQTmmeREIrOJRSNBb8cE-kRgGh0vwzBQezV-4lMlAwfJGes4t4Ce6CyIZ7XA1YgHOcANFbO4Ldr8cjawqWJbrFzute6IMrfQzjZa0VHhJH5dR1HmI3eQyPCrrhg1wRsbJSoyw3muekaV-eFqtt0C8M8gbnbcgL_ZgNs_FK-Xkge-aWLL3h-vkdY23xnWtJYnIcb3AEGi9TR5J_VTBC8JlkzMEkgTpj0uszNgrmOjk42rqo9SFEoi4QJj2z5YrbzO1Ag82k0L3QCJM6x5eZV-8sxrVR-nfIzPpBvJIhd1oVu9ogt3H8OjrhN7JsbRMe3VKeKfxdyuYBHiNxoJlhoElBne1L5nLQ1LsF20ptvLbGMmiv8MzYSh9KXVsnxoQQdOJjiiLCSMno1fILASPRjQk-I76ZcqKTIK3vBjBC-TaVOaaiAoP_4S74moSXjYoVbU9ewZ1j_m_Gqh6vEu1ehwbJv8JQbZ-4ndCGkqMzFsc8ACUQs9RKfWwNw5qH0bK4YBMtCx9gopl5iEyqxsblQE4hoCJUnHLjNjApl7YM_pM4xH8qDFWMh8reprBJDAEKqhkIMp0aKvo6cO9rzIrTiiPl_8LVaRuGE9Udic-vEbyDC6qYgzj6nSXbxbQQ&sai=AMfl-YTD4WAP9J8gQM6U7wnRRNBAu7QhuM1EFBOQtynrdK4VQ4GCNP5aKidEIKUgdyPyOaOhoXwHo4DIqNhBt_nNAfdgHvjXQKCC6TQkOQHEK_qJ_tGNEl0NwqZVTh7VGLfiRGkBvsHOQcGUfYp3KSUvE2q343RrkSIaXi3uSkER2WwpTzp7miErgG_rOU0VjQ11xwx2R8l5WqYEUTyno3k6zA&sig=Cg0ArKJSzD5EkAZCRS2fEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=103&cisv=r20220615.37003&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s44-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 20 Jun 2022 07:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 928F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca9e445cce114d59f73701824becff75de9ae24c713fb1b4b8415c301633c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 9DC7 118 KB
40 KB 480ms
480ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 21 Jun 2022 07:27:23 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9DC7 60 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 07:27:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5777 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnjYRWyGwYsmyB-3Z7_UP6OeBoA4AAAAAOAHgBAI&bg=!q6ilqOzNAAbASn8N4Eo7ACkAdvg8WsLVa15XziRyMaih49kFwT7Je8462JhPO1LpFKjzpIRWwi6eXQIAAACCUgAAAAZoAQeZAz5LVGY5f1-lFm9YcExPEBR0UBPzmTXxNsUny13hU-pTfQeMj0xtFLvqu1mmXViFDeFw7aJc87NKhsFBV96d5NbRIytu0EvbBzW0lVuWhaaTylz6IVApgdp9T_ha8ZhOTF1_MoREniPSs4dXrc0Ga9NqaJ_QWlleKX6g6mMUKqwdtmDEm_nGYiF_J6OUWk37oXiqdCy8lCajqgU-H3KdYiL6UlA56-Jn4ZdXnpUNeMe_839N0TwapuqSgNlT2oLzEb4lQ8c0kkwnNNPBHSdBwV92a_DZLKZ5egQ8ytl45u-ZKDFed0meiLnFSksMs2gQCt7p1t5RhQlD93Jf87W-TojsG3pCfD64nE-i6FGv9h-KPzqwH3hBvW7fqV3yf6FB5bMSBFEb3CPMNqtIBKh6HnwFDszlQiWuDolLlw5QXthLqGNdcKIpjYyO-E1zH8PpJUWcw_ljhT393kDHqNPHYvs8DqwuYkZtrk08VM8A9np9Q_X3HJT8lzaCDuwkaXsSkQUs9sL7KL-2uLFO2E5JRykIKCnVVhWM74W8GnvJpkh0o8tiqoPEkT1D72TSN6wUrp0KrT_CizsBa8uN1QZRdT92dwBpDgfla9SrlQToIGpt1gObr5jClMUaGRzdf3DNE1p_K0yfYSdP0t4lql0pWdrwFx2Y1iiesi_sJ3mFuK9O28XlCxARS8lxjx2WiiYmvBnw0GANfKy7ylpi-kf6CgcUud_ExMVbrSQKgYpudHnJvzAF0hkcJC5uD0ann1l-rmVKnaSbic6DJiYbanfJKM_0tHjoD_za-1iahu7eoFg39XChTgBmQBSrZ6FHX-JeIg-aa6AYVPXwh4c40mikhOQVFdHBLhfCa4L1SfCt08HptKgV4we37c2bejrpvbDbH2929pWGyWx1nhW-cl2sv1kAZbdS8AnYyC8Qc5jnUZD8WYT1LsP2ulTWjY4teU5aIVfI_SlDHWqd3-Jk4kz-qfImmQ1HP45xCVmZT416QyqI-UG0Sh66p0ZuWF-Avkp8DRXrV_nVvEueMqK6x4pkQ1gj6acM1xJJaobG0DCUFbcJKw0mDXb9ImBlHMAIfXkUAmnCRFZOIDrxGcBo7fbVQg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9151 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061301&jk=4186727608017631&bg=!CwilCEzNAAbASn8N4Eo7ACkAdvg8Wl9gBTvZe7CnY7ZImziK4BUlnPuvwxFe-e4fe7lkbTg9InwcrQIAAABMUgAAAAZoAQcKAIebpQqSvs_TSQ7JOKjdCsS4KrV935fCW1Oqzw8WsMrrNTuJWuFQq3JyAQXWhMjoEncKkJmNi8Ta7zkMk6hxr5tIYk0sKNbdnP1tkyFHCqadyI6SWarqrJkrLc_8nxZWXlIL9wK_KBsuNssJSIOkiYi0xPuY7HYwLkT31tzox9w2JSAcrWUrayqZAvjEU6vpbrPJZgZvx0A-RbZsASUmbpuuxE6ZeOZ6ZgdV6Jh7Xytubovwl0_6m9fcSudo4SRtN2e8-dG5OtHMuwJqP67W77fAkCTKKyJ3SBwQoGh4kkx48SeLRe6QDJpclsbQt2ZSn_3yfhpgAkwZdbEd1GJb_U4INw9mtaXRRAxialmZDFKZgOSfkCG8MN8ZB31DZ18uA5W1gfS210hbfdb1s2KY6sFPBOXVF-Ye7zGp0_IpMAB717NLDPSxlg6EPbB1UN6o_ZSs2aM5cV-sazJYVEPHEnkiKKul9wCKketY-eqSHoTZWCLa_N-CiHXBVtziDX0RDoztPjQHIw0lTd-KOPWhUKSE0ALOgKnWalWbC4NT8FcNM78VcgHsYgnYZXnNN2hOZCqavp6NFy1wIST_Rau6HhbYl3MAF29v2WQIA4Dgm-OydtRBU0TtdZ9datMSnlqIACbFAr5TlhUG-PQ7G0A1piIGf6oSAaGFkPoi4p-vOLmaAkiEOwGjlPMWsBgBusX7zJw9tj_gjxhQLIEptYXfetCAaGDquMmlsXObrBWzNFfpebbNSLORLgQTelR2U8fb3hGnPZQYVeEwhB8Sl4zdtpC5gwyvQnhoqJ4_U-Vnr6-mEGBB7blMGZ9FDlR791Abf3ihqTtgCK6arwzPo_WMbdiFrSfNdQUaHgP8kUqyyPbReDnz6q7PaFGhzAocukLL2aifYH4r-y3wzX79Vrd9JGY3wET0oYsif7eKYBo7XIBwW7ZaGGXOqc-T0XxKC-GNhEShFPD1OgLTjztKoktdYO0cpRk5GjtAXl3luw5__eYuWGiewv3R0uXUJGcesDM7fx9lSpCKmyUJYVWpH3QvspBVhbk1YU2kkqgTIil5MJoH2lNrhQ4vnG9ifEgPRjxcMd_ZcUtGJuXZXMuMCGwrZtIJpd962UdFVRQbGoC9ZNxPm5CvW4546UbIzzyV0ISpilygCyQIxzagDPQkv7f1ZdkUpK1SgFFXv7PNQPM6yAQbnvhb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 928F 0
26 B 69ms
36ms Ping
image/gif 142.251.36.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8d7uNEU0wFj8bbkwGIaSRKUPnpoAJLRHbPo5h6E80YMxTNY_fFrXW6ps6n44zxnD6-tCbzMC1Lx9uVLfBAvK3Y2EvFODIYbN8QEDQvWoLai01giLBV9ISJ0wAdV_IMTfv33N1vyRpSA3SF50aUbhWw2UMlVqI0DBykUOEDtBVuTgp1A8HPgPCcch8Y_6VAi1mD-aBL1hycbqYKsgseSvYdwPG0S360Pj1oKFlEXKHXR6U_e2AOnCh2jHE8HTbWu-t88PuKpk67qiCm5CFfjSka8DMzNNqpjyXRisLOZe4xtDDOSkaP3FkNLQThnp_bsfn_N8Tg4v3LpTOcP-KxYJ_sXciuRExlYWw23Fpdb2O0hDVB9AXSZZOGyUA0goDCQqqGWxkB3uqicJ0KqpUzQb1mz2rc0b2OqBWmIysLCazOAudmPhF49KvS6nWMicxxx5w5V_wnuDJLWvNz8O1o9zbEWqGVqzTwVDB3WZUT0QbOUl3k3ebxTW0CGif_YG7WSov3F6Y94A3y8KgNfRyNuHq9D2PuFgvMRxSaaDZMXzTjBM5vtjZnCZg4QATFwaBxbNa9Mmh6TBmeVUG9HDDYUGwMYcGYantzQTmmeREIrOJRSNBb8cE-kRgGh0vwzBQezV-4lMlAwfJGes4t4Ce6CyIZ7XA1YgHOcANFbO4Ldr8cjawqWJbrFzute6IMrfQzjZa0VHhJH5dR1HmI3eQyPCrrhg1wRsbJSoyw3muekaV-eFqtt0C8M8gbnbcgL_ZgNs_FK-Xkge-aWLL3h-vkdY23xnWtJYnIcb3AEGi9TR5J_VTBC8JlkzMEkgTpj0uszNgrmOjk42rqo9SFEoi4QJj2z5YrbzO1Ag82k0L3QCJM6x5eZV-8sxrVR-nfIzPpBvJIhd1oVu9ogt3H8OjrhN7JsbRMe3VKeKfxdyuYBHiNxoJlhoElBne1L5nLQ1LsF20ptvLbGMmiv8MzYSh9KXVsnxoQQdOJjiiLCSMno1fILASPRjQk-I76ZcqKTIK3vBjBC-TaVOaaiAoP_4S74moSXjYoVbU9ewZ1j_m_Gqh6vEu1ehwbJv8JQbZ-4ndCGkqMzFsc8ACUQs9RKfWwNw5qH0bK4YBMtCx9gopl5iEyqxsblQE4hoCJUnHLjNjApl7YM_pM4xH8qDFWMh8reprBJDAEKqhkIMp0aKvo6cO9rzIrTiiPl_8LVaRuGE9Udic-vEbyDC6qYgzj6nSXbxbQQ&sai=AMfl-YTD4WAP9J8gQM6U7wnRRNBAu7QhuM1EFBOQtynrdK4VQ4GCNP5aKidEIKUgdyPyOaOhoXwHo4DIqNhBt_nNAfdgHvjXQKCC6TQkOQHEK_qJ_tGNEl0NwqZVTh7VGLfiRGkBvsHOQcGUfYp3KSUvE2q343RrkSIaXi3uSkER2WwpTzp7miErgG_rOU0VjQ11xwx2R8l5WqYEUTyno3k6zA&sig=Cg0ArKJSzD5EkAZCRS2fEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=668&vt=11&dtpt=557&dett=3&cstd=103&cisv=r20220615.37003&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/main/tw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s44-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0B8D 14 KB
10 KB 24ms
24ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01a1008340b8a7c2f853f95b7eb73eb3f350c3975ce29e233e9ffd117df28fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B8D 17 KB
6 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 07:27:23 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9DC7 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:18:09 GMT
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 07:33:09 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9DC7 47 KB
47 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:19:44 GMT
x-content-type-options: nosniff
age: 459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 07:34:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9DC7 7 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac7693c2f0129f3a0cff51afe0379e2865b366c592b7f8172aeb979136fa8ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Jun 2022 07:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0

GET
H3 200 60005582_20220527245333797_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DC7 20 KB
20 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245333797_728x090_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cef9b185fda8e37aa74ebf35118048b91dd717c8e2835de1f03732b915a24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 08:59:20 GMT
x-content-type-options: nosniff
age: 80884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20044
x-xss-protection: 0
last-modified: Fri, 27 May 2022 07:53:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 08:59:20 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DC7 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 08:08:22 GMT
x-content-type-options: nosniff
age: 83942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 08:08:22 GMT

GET
H3 200 60005582_20220527245330315_728x090_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DC7 20 KB
20 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245330315_728x090_INTRO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb9839664fa9870db3cb1f926eace0777493a2a742d453027927e6752a9caa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 08:59:20 GMT
x-content-type-options: nosniff
age: 80884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20767
x-xss-protection: 0
last-modified: Fri, 27 May 2022 07:53:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 08:59:20 GMT

GET
H3 200 60005582_20220527245337643_APP_iPhone-13-Pro_Green.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DC7 25 KB
25 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220527245337643_APP_iPhone-13-Pro_Green.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e2e661e9bdd91cafdd5a98cc1006b66458b76ef23a4ed86e2e6527895931e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1132308612429905920/728x090.html?e=69&leftOffset=0&topOffset=0&c=4S1aVwg1sr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 08:58:36 GMT
x-content-type-options: nosniff
age: 80928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25677
x-xss-protection: 0
last-modified: Fri, 27 May 2022 07:53:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 08:58:36 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 9DC7 43 B
639 B 34ms
9ms Image
image/gif 82.113.101.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27880537_4307561_337689928_170181287_QTYP0403A20220601&ref=27880537_4307561_337689928_170181287_QTYP0403A20220601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 07:27:24 GMT
Last-Modified: Wed, 11 May 2022 05:12:26 GMT
Server: Apache
ETag: "2b-5deb57cb16280"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9DC7 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 07:27:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E6C 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:26:42 GMT
expires: Tue, 20 Jun 2023 07:26:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B91 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7618a39e03f0ce1df4ae0d633d1d39aea590ce581c7e5d21b2c61e55db284260

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VzcCoTuHaSBB0GmfnFOYlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-VzcCoTuHaSBB0GmfnFOYlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 07:27:24 GMT
expires: Mon, 20 Jun 2022 07:27:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E6C 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 17:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 17:35:00 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 20EB 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 17:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 17:35:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B91 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=1515047525666438&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6E6C 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7vl98g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 928F 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNAgeAbCBHxvBuFtB77q2R1FvnD_Vpj9B52fqEStx5MZklom9CFemU2fgxrlRr5r0DHMnJac89DHcFiPdlmi7-lX6rlgLw2p6dklI5G6Pym_SxSyQH2XnQ1tJEH0lj1ZsZtrupGQ&sai=AMfl-YR7uInxPO9uL0dFzrgngvJQxtqtwBFbmhUX8TQTMonAoMrVPzjI4qTHyWT_mWorqW7rBhInAzibC68lJ74ILPkkRyMtzoEi0KaWIRT6WdKEORh1JAX-n36d9mk&sig=Cg0ArKJSzI95Mom9rtC7EAE&cid=CAASJORoqf4umKhjYxKKoU4RZmGDBkcvA-wPd8-bEfH9eD2Zj4pfcQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2922729533&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655710043092&rpt=258&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 07:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B8D 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=1515047525666438&bg=!5Oel56PNAAbASn8N4Eo7ACkAdvg8WhuKDltw9a8coe8A8lesqs5cDo30mRjxrGsNXMO9CzxCw7BWJgIAAAByUgAAAAFoAQeZAuPbiE2jjwME6Bw0irIzGobJx1I5_V-LhTfnPF-Cz2sjuYdRHHBItBpFLGEpRkBXtHqLqz1lwP34E6kbHPvOgWX7ARe1JQyxm5hG-o-gpPUf8ECaW3sgQYW3axUzI8uVkf8I2L3sVxqqHUcQGYY-pbyYzd4_4Cki_jMeKiYlnmEg5B3NadjLPNbv1OHjsWRbXh1QZuhvQXJCKSEG55r4DhBF8TZae2_RqD-Tu67u4waUiJiOWeNj6TLIViJB68ivt-kxJj4EE4x8RYKq8WztQtsWH85S7SptiIGBNcHePPk89o9CNjsPKwHKNpzSUc9CKn1_dntUB7FjChJefdWrUgp4wGBnZdGl_NPSg4_4_7xhl1iU4NxswmPWpgE5RapSiImQGyQ1lb_l67_D2gVsPWRc5QyGLP6YjTq7D09shiGeyq8jia7-AJZIySF1XOj8-Imobtygb0EoS-g3c3khPlZ3XISv9Yvlk9AxK0tHCodK7ynN1i5trVSLl397AE8c8PDuS6SZ0Dy-e-VfnNl26j_LbXcpwiNdXYd6sY3Ph8IOeFIkrbhaAhr2pIeIhVsi1aUfozU6lQ5h24LiSolesVMqtcHKjL8Z7G5Z3ig3l9XeJkCyVRLV22SubGlu_jf5Ndcj8UcY0DF360rvgVwfIE_oJoIpQmHf1KRLZCiZUksL2Hgc0W_A6WarwYfBypCj0naPtT7kr1EwrJxVIgNEhty9hyQXgfumCe77eb-P7sgOvx4km1PDZmCsXuWW2eK8pu1EWdsddwywrvj8FpmZLMMmSnokxgKjuuTYw2i-1dFGN6DsFGofncadQ99IKP2IE4lPjt2E8ldVvLxuhZOPxO9rq-EnCaP-UMzyv0W0xHg0WcHhCNPYYXIC9tzCTqEabSJpsmorxDnbzN9NfoeAE6mGDmrJwGEZzJh5Ku9j7F6Ct0-fcSZyl8ZK2WyrmOxRBAvjDa-A4NFU_7vUln8XyVsEvMCj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EDD 4 KB
4 KB 17ms
17ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:27:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1686262
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4002
expires: Sat, 09 Jul 2022 19:51:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-66UntSYRRBPXrpbalnXceMmhrZCPI22RqgLE_g

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Domain: adx.dable.io
URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-d8iQgiYRRBPXrpbalnXceMmhrZDSFrqYjFQDoQ

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZuJCxyYRRBPXrpbalnXceMmhrZC_T5z8Vo10yA&expires=30

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KHcsQiYRRBPXrpbalnXceMmhrZAfBDrMlzWKig

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Kc4iziYRRBPXrpbalnXceMmhrZC25QOJtJDFSA&dongle=013b

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7T_jTyYRRBPXrpbalnXceMmhrZBj2Xv9U1drsw

Domain: s.ad.smaato.net
URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-zJl6oCYRRBPXrpbalnXceMmhrZBwjeDy_uq2Eg

Domain: sync.aralego.com
URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-a6PShCYRRBPXrpbalnXceMmhrZA3CDahqwJO2Q

Domain: criteo-sync.teads.tv
URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3GoqSCYRRBPXrpbalnXceMmhrZCFKzXlnVuu5w

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5OwFsCYRRBPXrpbalnXceMmhrZA7WxTd9nXwDw&expires=30

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTEmdGw9MTI5NjAw&piggybackCookie=uid:k-EsXRTyYRRBPXrpbalnXceMmhrZA1TkOAik0VyQ

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xjZD8SYRRBPXrpbalnXceMmhrZDLTsnUHYoxJw

Domain: ad.360yield.com
URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SifK4SYRRBPXrpbalnXceMmhrZDyxdgQieDZCg

Domain: sync-criteo.ads.yieldmo.com
URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-F9vL9iYRRBPXrpbalnXceMmhrZCD_GgXGcpwjQ&pn_id=criteo&ext=1

Domain: cs.adingo.jp
URL: https://cs.adingo.jp/sync/?from=criteo&id=k-NgPGSSYRRBPXrpbalnXceMmhrZCCd4CQ1TrKVw

Domain: c.bing.com
URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-psPVHCYRRBPXrpbalnXceMmhrZABFnVOP5UwDQ

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438920

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-66UntSYRRBPXrpbalnXceMmhrZCPI22RqgLE_g

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Domain: adx.dable.io
URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-d8iQgiYRRBPXrpbalnXceMmhrZDSFrqYjFQDoQ

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZuJCxyYRRBPXrpbalnXceMmhrZC_T5z8Vo10yA&expires=30

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KHcsQiYRRBPXrpbalnXceMmhrZAfBDrMlzWKig

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Kc4iziYRRBPXrpbalnXceMmhrZC25QOJtJDFSA&dongle=013b

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7T_jTyYRRBPXrpbalnXceMmhrZBj2Xv9U1drsw

Domain: s.ad.smaato.net
URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-zJl6oCYRRBPXrpbalnXceMmhrZBwjeDy_uq2Eg

Domain: sync.aralego.com
URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-a6PShCYRRBPXrpbalnXceMmhrZA3CDahqwJO2Q

Domain: criteo-sync.teads.tv
URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3GoqSCYRRBPXrpbalnXceMmhrZCFKzXlnVuu5w

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5OwFsCYRRBPXrpbalnXceMmhrZA7WxTd9nXwDw&expires=30

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTEmdGw9MTI5NjAw&piggybackCookie=uid:k-EsXRTyYRRBPXrpbalnXceMmhrZA1TkOAik0VyQ

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xjZD8SYRRBPXrpbalnXceMmhrZDLTsnUHYoxJw

Domain: ad.360yield.com
URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SifK4SYRRBPXrpbalnXceMmhrZDyxdgQieDZCg

Domain: sync-criteo.ads.yieldmo.com
URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-F9vL9iYRRBPXrpbalnXceMmhrZCD_GgXGcpwjQ&pn_id=criteo&ext=1

Domain: cs.adingo.jp
URL: https://cs.adingo.jp/sync/?from=criteo&id=k-NgPGSSYRRBPXrpbalnXceMmhrZCCd4CQ1TrKVw

Domain: c.bing.com
URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-psPVHCYRRBPXrpbalnXceMmhrZABFnVOP5UwDQ

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438920

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438920

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438920

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
reurl.cc/	1970-01-20 12:40:46	Name: clientIdV2 Value: cffba54ebbd5e8cf93ab7eac0b76c934f36aa19738f820239805212d563f098d984c773c827f1be0138c7b65742d54b0c953ffef00d0dd2f64fb826ac1c15c26d74dc1cf3c6472598d734371
reurl.cc/	1970-01-20 12:40:46	Name: clientId Value: cffba54ebbd5e8cf93ab7eac0b76c934f36aa19738f820239805212d563f098d984c773c827f1be0138c7b65742d54b0c953ffef00d0dd2f64fb826ac1c15c26d74dc1cf3c6472598d734371
reurl.cc/	1970-01-20 12:40:46	Name: lang Value: tw
.reurl.cc/	1970-01-20 21:26:22	Name: _ga Value: GA1.2.373935847.1655710039
.reurl.cc/	1970-01-20 03:56:36	Name: _gid Value: GA1.2.1134839914.1655710039
.reurl.cc/	1970-01-20 03:55:10	Name: _gat Value: 1
.reurl.cc/	1970-01-20 06:04:46	Name: _fbp Value: fb.1.1655710039277.1124418615
.facebook.com/	1970-01-20 06:04:46	Name: fr Value: 06OujXbUa0NSH4kDC..BisCFX...1.0.BisCFX.
reurl.cc/	1970-01-20 04:38:22	Name: CFFPCKUUID Value: 3926-9qPVchj1LciBQVrucbyTWY4MAJufTYYs
.reurl.cc/	1970-01-20 04:38:22	Name: CFFPCKUUIDMAIN Value: 9157-YtKkfQUqbD8Vtn3HiC9WCnQ6JODRySFL
.reurl.cc/	1970-01-20 13:16:46	Name: __gads Value: ID=52b8e7cecdccc2c1-22afdbc3b6cd0060:T=1655710039:RT=1655710039:S=ALNI_MY1kslgW7A91_hcKvkTrZ5Zdn2dpw
.holmesmind.com/	1970-01-20 04:16:17	Name: Vision Value: 20220620-23:59,20220620-18,20220620-18,20220620-23:59
.holmesmind.com/	1970-01-20 04:16:17	Name: C Value: null
.holmesmind.com/	1970-01-20 06:20:07	Name: RK Value: null
.holmesmind.com/	1970-01-23 19:32:07	Name: P Value: 659335-SAFDNW6KVKFXELwO9Jq3PriGQJ8GwRsO
.mookie1.com/	1970-01-20 13:23:58	Name: id Value: 10525193806389428968
.mookie1.com/	1970-01-20 13:23:58	Name: mdata Value: 1\|10525193806389428968\|1655710039418
.mookie1.com/	1970-01-20 13:23:58	Name: ov Value: 72e97b15862db53c1e7868a54d8ec065
.c.appier.net/	1970-01-20 12:40:46	Name: _auid Value: dGAtrr63Dq6LyDwBWCGwYg
.criteo.com/	1970-01-20 13:16:46	Name: uid Value: b53e8236-e8b4-4a0d-8b5a-64a8b6c668ae
.reurl.cc/	1970-01-20 03:56:36	Name: _ht_50ef57 Value: 1
.doubleclick.net/	1970-01-20 13:16:46	Name: IDE Value: AHWqTUn2AbiPROBpO5tVmgtCB8SVHNeg2mdIP3OhGe_vubdrupy_CAuFGc53B7hd054
.hinet.net/	1970-01-20 21:26:22	Name: uuid Value: c23fe1b8-4f6b-4d64-bb52-0e56731edff0
.reurl.cc/	1970-01-20 03:55:13	Name: _ht_em Value: 1
.holmesmind.com/	1970-01-20 03:56:36	Name: fcm Value: 1
.reurl.cc/	1970-01-20 13:16:46	Name: cto_bundle Value: JKG4rV9UcWpjVG52VExiak5qZHg3dzJ3ZEtUNXAwTm5SdWw0M0QxN1A0WXFod1RFR2NKV1BSV3hYRUxNN29lV0Y2UGhsbk5LQiUyRk11eiUyQmVSNU1udXpzQTlkeUh4V3p4aXVLMDZyY0dKdzJUS0ZxZFZtNWJITVBlbWk0cHYxTjYxbjNtWERNTGQ5ZUl6YnY5aEFZbGI0Mm1JOUp3JTNEJTNE
.holmesmind.com/	1970-01-20 04:16:17	Name: R Value: null
.holmesmind.com/	1970-01-20 06:20:07	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-23 19:32:07	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.reurl.cc/	1970-01-20 03:56:36	Name: _ht_hi Value: 1
.reurl.cc/	1970-01-20 12:40:46	Name: __htid Value: c23fe1b8-4f6b-4d64-bb52-0e56731edff0
.lndata.com/	1970-01-20 12:41:14	Name: admckid Value: 2206201527211974033
.yahoo.com/	1970-01-20 12:41:07	Name: A3 Value: d=AQABBFohsGICEIhDURVYta8b4FwbvQScrlsFEgEBAQFysWK6YgAAAAAA_eMAAA&S=AQAAAtsS_g3LmoXU-DLdMP3XhXk
.adnxs.com/	1970-01-20 06:04:46	Name: uuid2 Value: 4949854874735138978
.360yield.com/	1970-01-20 06:04:46	Name: tuuid_lu Value: 1655710042
.360yield.com/	1970-01-20 06:04:46	Name: tuuid Value: 792a598b-aec9-4b10-851b-3ff599d48d81
.bidswitch.net/	1970-01-20 12:40:46	Name: c Value: 1655710042
.bidswitch.net/	1970-01-20 12:40:46	Name: tuuid_lu Value: 1655710042
.bidswitch.net/	1970-01-20 12:40:46	Name: tuuid Value: ed1a3d8a-83d7-4bbb-9848-2b02573e688d
.bing.com/	1970-01-20 13:16:46	Name: MUID Value: 08D333C8B164616723732201B00F60A2
.media.net/	1970-01-20 04:38:22	Name: data-c-ts Value: 1655710042
.media.net/	1970-01-20 04:38:22	Name: data-c Value: k-KHcsQiYRRBPXrpbalnXceMmhrZAfBDrMlzWKig~~3
.media.net/	1970-01-20 12:40:46	Name: visitor-id Value: 2987116429112837000V10
.outbrain.com/	1970-01-20 04:15:19	Name: criteo Value: k-7T_jTyYRRBPXrpbalnXceMmhrZBj2Xv9U1drsw
.outbrain.com/	1970-01-20 06:04:46	Name: obuid Value: ecd2f212-93ef-4a7e-b16d-1cc8acbe34e8
.aralego.com/	1970-01-20 12:40:46	Name: gdpr Value: 1
.aralego.com/	1970-01-20 12:40:46	Name: sspid Value: dee938f5-e6a6-34cd-86d0-c069c9b72272
.aralego.com/	1970-01-20 12:40:46	Name: euconsent-v2 Value:
.dable.io/	1970-01-20 06:19:10	Name: uid Value: 62098127.1655710042845
.adnxs.com/	1970-01-20 06:04:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUb`?j)g!2(6N(<j<dINiYhTyXnfi8FW/fk!tG.z5G00dVzX]@Tr>7A2C)cOFJkXea9L/X%W#.wL4W1Qw0u?ELsK
.3lift.com/	1970-01-20 06:04:46	Name: tluid Value: 2423937455245129973660
.casalemedia.com/	1970-01-20 06:04:46	Name: CMPS Value: 3277
.casalemedia.com/	1970-01-20 03:56:36	Name: CMST Value: YrAhW2KwIVsA
.casalemedia.com/	1970-01-20 12:40:46	Name: CMRUM3 Value: 2d62b0215b2760
.casalemedia.com/	1970-01-20 12:40:46	Name: CMID Value: YrAhWwY8CCo-hvKGT3so4gAA
.casalemedia.com/	1970-01-20 06:04:46	Name: CMPRO Value: 3277
.adform.net/	1970-01-20 04:38:22	Name: C Value: 1
.everesttech.net/	1970-01-20 12:40:46	Name: everest_g_v2 Value: g_surferid~YrAhWwAKLNjgwAAj
.adform.net/	1970-01-20 05:21:34	Name: uid Value: 9167076243581562783
.o2online.de/	1970-01-20 04:05:14	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27880537_4307561_337689928_170181287_QTYP0403A20220601&ref=27880537_4307561_337689928_170181287_QTYP0403A20220601

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Kc4iziYRRBPXrpbalnXceMmhrZC25QOJtJDFSA&dongle=013b Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-Kc4iziYRRBPXrpbalnXceMmhrZC25QOJtJDFSA&dongle=013b Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-66UntSYRRBPXrpbalnXceMmhrZCPI22RqgLE_g Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-zJl6oCYRRBPXrpbalnXceMmhrZBwjeDy_uq2Eg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-zJl6oCYRRBPXrpbalnXceMmhrZBwjeDy_uq2Eg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-66UntSYRRBPXrpbalnXceMmhrZCPI22RqgLE_g Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZuJCxyYRRBPXrpbalnXceMmhrZC_T5z8Vo10yA&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZuJCxyYRRBPXrpbalnXceMmhrZC_T5z8Vo10yA&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xjZD8SYRRBPXrpbalnXceMmhrZDLTsnUHYoxJw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-xjZD8SYRRBPXrpbalnXceMmhrZDLTsnUHYoxJw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SifK4SYRRBPXrpbalnXceMmhrZDyxdgQieDZCg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-SifK4SYRRBPXrpbalnXceMmhrZDyxdgQieDZCg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3GoqSCYRRBPXrpbalnXceMmhrZCFKzXlnVuu5w Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5OwFsCYRRBPXrpbalnXceMmhrZA7WxTd9nXwDw&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-5OwFsCYRRBPXrpbalnXceMmhrZA7WxTd9nXwDw&expires=30 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-3GoqSCYRRBPXrpbalnXceMmhrZCFKzXlnVuu5w Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-F9vL9iYRRBPXrpbalnXceMmhrZCD_GgXGcpwjQ&pn_id=criteo&ext=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-F9vL9iYRRBPXrpbalnXceMmhrZCD_GgXGcpwjQ&pn_id=criteo&ext=1 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-psPVHCYRRBPXrpbalnXceMmhrZABFnVOP5UwDQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-psPVHCYRRBPXrpbalnXceMmhrZABFnVOP5UwDQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KHcsQiYRRBPXrpbalnXceMmhrZAfBDrMlzWKig Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KHcsQiYRRBPXrpbalnXceMmhrZAfBDrMlzWKig Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438920 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438920 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7T_jTyYRRBPXrpbalnXceMmhrZBj2Xv9U1drsw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-7T_jTyYRRBPXrpbalnXceMmhrZBj2Xv9U1drsw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-a6PShCYRRBPXrpbalnXceMmhrZA3CDahqwJO2Q Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438920 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438920 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-a6PShCYRRBPXrpbalnXceMmhrZA3CDahqwJO2Q Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTEmdGw9MTI5NjAw&piggybackCookie=uid:k-EsXRTyYRRBPXrpbalnXceMmhrZA1TkOAik0VyQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTEmdGw9MTI5NjAw&piggybackCookie=uid:k-EsXRTyYRRBPXrpbalnXceMmhrZA1TkOAik0VyQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-d8iQgiYRRBPXrpbalnXceMmhrZDSFrqYjFQDoQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-d8iQgiYRRBPXrpbalnXceMmhrZDSFrqYjFQDoQ Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cs.adingo.jp/sync/?from=criteo&id=k-NgPGSSYRRBPXrpbalnXceMmhrZCCd4CQ1TrKVw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cs.adingo.jp/sync/?from=criteo&id=k-NgPGSSYRRBPXrpbalnXceMmhrZCCd4CQ1TrKVw Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ab4284c-7222-4470-8b2e-ddb7b5817a6c.t.ssp.hinet.net
ad.360yield.com
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.eu.criteo.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.dable.io
bidder.criteo.com
blog.alphaloan.co
c.bing.com
c.holmesmind.com
c1.adform.net
c23fe1b8-4f6b-4d64-bb52-0e56731edff0.t.ssp.hinet.net
c4654169556448e66cc743b8ef973a26.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
contextual.media.net
creditcards.com.tw
criteo-sync.teads.tv
cs.adingo.jp
csm.eu.criteo.net
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fcm.holmesmind.com
fp.holmesmind.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
m.holmesmind.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
portal.o2online.de
prebid-asia.creativecdn.com
prebid.scupio.com
reurl.cc
rtb-csync.smartadserver.com
s.ad.smaato.net
s0.2mdn.net
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sp.analytics.yahoo.com
ssbsync.smartadserver.com
static-tagr.gd1.mookie1.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync-criteo.ads.yieldmo.com
sync-tm.everesttech.net
sync.aralego.com
sync.outbrain.com
t.ssp.hinet.net
tpc.googlesyndication.com
tw-gmtdmp.mookie1.com
ups.analytics.yahoo.com
widget.fr.eu.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
ad.360yield.com
ads.yahoo.com
adx.dable.io
c.bing.com
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
eb2.3lift.com
ib.adnxs.com
pixel.rubiconproject.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sync-criteo.ads.yieldmo.com
sync.aralego.com
sync.outbrain.com
ups.analytics.yahoo.com
x.bidswitch.net
103.132.192.30
103.3.63.48
116.50.36.71
142.250.179.162
142.250.184.194
142.251.36.2
15.197.193.217
151.101.66.49
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.162
178.250.0.163
178.250.0.165
185.33.221.87
185.86.139.104
192.0.77.2
192.0.78.187
192.0.78.244
192.96.200.41
199.115.117.82
203.75.214.136
210.59.219.181
23.35.236.247
23.75.245.170
2600:9000:206f:4a00:0:e06c:e940:93a1
2600:9000:224a:9c00:1e:a43d:b640:93a1
2600:9000:2250:2400:3:1794:2540:93a1
2606:4700:20::681a:467
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c07::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
34.102.176.152
34.117.219.39
34.149.98.30
34.95.67.231
34.96.119.68
35.185.130.121
35.201.76.93
35.227.202.26
35.227.249.156
35.244.196.223
37.157.5.142
51.38.120.206
52.197.44.129
54.95.78.196
76.223.111.18
82.113.101.132
84.17.46.53
003c6c7476d2158d18f48473e7071c87f48e8e1cf957343020a148c97ba30482
006540e915dc85d811f239faa16acd17cd7b1f6c426538501988494d93d64739
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fc5eede87ce2644e673193b3ffce854cad06f548d8a6057acce9c0dbef3b2d
01997c1d0ecece819f707984fc5a5dce6b5632245746998b3a8b7d22b1994a38
01a1008340b8a7c2f853f95b7eb73eb3f350c3975ce29e233e9ffd117df28fb7
020cf5d9ba2fb76463eb4884990e15e4cbaeafc7290944979f094a947c610c98
051141599f128f399f2cd53514ee1c28ba9d269ce1b065ba81dcc4b11a5d3b02
05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c
05dd9110137391e1666d1a42f023b9d1885247fce3ab7e3981d2823b0fb772a9
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
14497ab03c2d2361d93afed4285910b166b548de6fdf1c23967c2b2d027d2d1b
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
20745e277afb374d4cb9753d5297a70358278885026bdaf225b961dd5d4a7712
21f132eacc2adf061517872fad22e205bf15966adb0376edae16617736d6f64c
24bc6c6c448a9a78eb0f0f9e43f3cc07b70ff435ab8963aaefb8b98cafb8a5e4
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
2e2e661e9bdd91cafdd5a98cc1006b66458b76ef23a4ed86e2e6527895931e0e
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
417c42f2898e8d6308a7a50aceec81456a6df6fa1807abb1972d22753ef30824
417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
429432ae1f604701ee0a82b70cbdf778789f68955f40f3ba10ea1121ee743055
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
48cef9b185fda8e37aa74ebf35118048b91dd717c8e2835de1f03732b915a24d
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be1e5166335df4f2182f77ff1e088e0936f756b01d2da47e43a690bd046106b
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5279558a5bf3ca716e08f221777e788f941780427bb3a537122ec4eb9a1778ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56abe56ede88bc850a5067cc8318bddcb361f49ccc7c795c559d534f5f55bef3
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5aaa8cf1bbdb357b02e2a5ad848ada5743e73e3be3a98dc8d62eb4c6c5ee955d
5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a
5fccf1096034f0e911abb617de8c2e1bf39fda75bf1b1f4f69c24fae33d7269e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a62225a4e6e5ea098b9ed6aa19c2149880cbd6d3e0314f2b875a32b1f8ce25
65f6ab60d99743bc5739cd80bb2c2451e60dd276bd9479459aad95ce33c1463b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e0f46061c009a75898559222cd3712d89812a97628c4363eab0223d8d11cbb8
6e73265552f1deeca1fb17f5bf9545dd3ea7e59204d9544ba6ceba6906abf51b
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73773840925293748cdbf794e0d346c6cb0163c213b751147e1fe6b4d3cec9c3
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
7618a39e03f0ce1df4ae0d633d1d39aea590ce581c7e5d21b2c61e55db284260
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58
81e64f849a9e5f775a6aa490191f9b7cd04784e2dd4af7c8b43fbe4546f54d40
827ff17fe2fe5ba8bf91ae0ff74dfdccc6ecf4200179f9a1ec4b06b1fe1b6457
82b3482a538a502cbc1010f6af2b197b5a76741c6e782d5d12576c52eaa035ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
88d6186158aa86ad27a42670df6fc398ee30ba19f7c8542e6989aa51289f245f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
921d14b76eb8113a677cbc8d538cc7591b3fc79336d97c4f5ac7a84a4c5472cb
9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf
965cb4f40ad635f5200ed561d7d69f41621c5d7a8515e163f7b08361f8c77b68
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9796d180e66645b4bd08c077e0f6d68cd37bdb408f8fd9e11c3c0d6cdc8ddd46
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b78e53c08e957d3c108aca00801eb75b820eb311cc7882c8a7905fba96aeda7
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2016ceddd3f0e2cfbfd6668d66581c01fae2caff09bd5b7c8df392eb03df1bc
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ba582790415c2e2c41fb37172b8120116735af5b1766aa867f8f1e52878726
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7623bc840dc27f6134d8ae05c4abfca6a33bd7f94b33344f38c34f02ea6a93c
a7914f46e3ccfbe8ae813f09c71f9ff2bf87d3109605cc271bdd35ed91de7c2a
a801f509980cd5d4664fa7286b038ed2218bf86ed18764e0b888754c802c6a3c
a8b93883b32af13d20ef712bbc193aabcb0a63a092f8e1877843cca9ee2876a2
ac7693c2f0129f3a0cff51afe0379e2865b366c592b7f8172aeb979136fa8ae6
aeaf412870e7cdb2c530807f5560acde2e1fcbd97332822ad4eee13946fc4f1d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
bee532affd04afa339e8a6cd51c6efac9776300f5d9f2850ceffe6f25ad3b26d
bf06b6a45503587a395d08400daa66153045a9877a06a360cb8557e79995c804
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d
cdb9839664fa9870db3cb1f926eace0777493a2a742d453027927e6752a9caa6
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d5bdbd2b5059b1b2f8c1f9ed994af05e0c97c9d55d30fcbde876229ab1492d11
d7bb7265b11dc7a034cdb8e62fec5f1f3dc2174b98e3e5dd00db79e64b6fb7b8
d834e40dd69bca9cade844f9b6b0b9c577cd80fbabc11c74dfb1ef62636a70d4
d84f83bf8f6b1c7840c91680eab9faeed0291e9ceb273f1a92a34dd6f45032f1
da97bbc559f8872e9d65cc78f36b414be8f187a67948de066794a2ffbb1d8f9f
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc2547cdda57dbb415e747b977f626150c74dc82c8995c1abdf48925546184c7
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e754c73ba1ce92fc14a6d0e18fccb7b509b128e4c93d820e1afba7f31aed63e0
e830fb2cd84ed7cc6eb54b4f7b682ddc8bf7dfe2bc02c3662631f0ee9abda2b7
e8a4d4a06c605d883eda60c7f1b48a4152d0cf6b5be8f1f3c2fdf76ec38720ce
eaea8ddb719a53bc859375a2c3374863235dda6ea282e88c0fb44485a4c1f84f
eca9e445cce114d59f73701824becff75de9ae24c713fb1b4b8415c301633c6b
edc243be592bbbcd2ac21c33edcdd7ef487e41c99469c4dc5f557c6b09b7c123
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f124e272ae420a6131fdbbf258f7f0d985579b70bc1ed18e3180d0e088d64e69
f286ee2ad5013b97e2c50ef239f0aa3f379d6fb2cb1246be680571740bc01dc5
f3481bf12191837d5e19d9526f18fd20fc88395a403c1a0b098eeef10a7f56ab
f383cc0edd288e856898ee96b33d5a77464462ecd954bfa0e0452d9527e2d5d8
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb2b243a4c105e30f1a8a0ba603238f0d06ff0253268c66be2e4d8b7a57c7bbf
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

398 Requests

80 %HTTPS

37 %IPv6

56 Domains

89 Subdomains

62 IPs

9 Countries

3909 kBTransfer

6697 kBSize

60 Cookies

19 Outgoing links

Page URL History

Redirected requests

398 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

398
Requests

80 %
HTTPS

37 %
IPv6

56
Domains

89
Subdomains

62
IPs

9
Countries

3909 kB
Transfer

6697 kB
Size

60
Cookies

398 HTTP transactions
1 data transactions