urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/Qz7Rv0
Submission: On September 13 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 7 countries across 51 domains to perform 272 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 302454.
TLS certificate: Issued by R3 on July 21st 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 35.185.130.121 15169 (GOOGLE)
2 151.101.1.229 54113 (FASTLY)
1 151.101.129.55 54113 (FASTLY)
10 203.75.214.136 3462 (HINET Dat...)
1 172.217.167.104 15169 (GOOGLE)
4 24 142.250.66.226 15169 (GOOGLE)
26 157.240.8.23 32934 (FACEBOOK)
5 157.240.8.35 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
7 142.250.76.110 15169 (GOOGLE)
1 104.21.96.9 13335 (CLOUDFLAR...)
1 104.17.238.194 13335 (CLOUDFLAR...)
1 35.185.136.122 396982 (GOOGLE-CL...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 18.67.93.66 16509 (AMAZON-02)
1 192.0.78.187 2635 (AUTOMATTIC)
1 34.120.190.48 396982 (GOOGLE-CL...)
2 216.239.32.181 15169 (GOOGLE)
2 74.125.200.154 15169 (GOOGLE)
2 142.251.221.67 15169 (GOOGLE)
4 182.161.73.129 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 13.35.147.90 16509 (AMAZON-02)
1 34 142.251.221.65 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 13.251.250.53 16509 (AMAZON-02)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 18.67.93.65 16509 (AMAZON-02)
7 142.250.71.66 15169 (GOOGLE)
1 18.67.111.67 16509 (AMAZON-02)
2 18.67.111.18 16509 (AMAZON-02)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 124.146.153.160 2514 (INFOSPHER...)
2 2 13.35.147.94 16509 (AMAZON-02)
1 9 142.250.204.2 15169 (GOOGLE)
1 5 142.250.67.4 15169 (GOOGLE)
1 18.67.111.78 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
5 142.250.71.74 15169 (GOOGLE)
28 172.217.167.66 15169 (GOOGLE)
4 142.250.204.3 15169 (GOOGLE)
7 142.250.204.14 15169 (GOOGLE)
5 172.217.167.78 15169 (GOOGLE)
14 13.35.147.51 16509 (AMAZON-02)
2 182.161.73.136 55569 (CRITEO-AS...)
6 172.217.167.67 15169 (GOOGLE)
2 116.50.36.71 18046 (DONGFONG-...)
4 52.198.231.167 16509 (AMAZON-02)
2 54.95.87.91 16509 (AMAZON-02)
2 4 35.201.76.93 396982 (GOOGLE-CL...)
1 34.95.67.231 396982 (GOOGLE-CL...)
4 54.249.186.83 16509 (AMAZON-02)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 210.59.219.34 3462 (HINET Dat...)
4 8 35.190.36.98 15169 (GOOGLE)
4 4 139.162.58.205 63949 (AKAMAI-LI...)
2 182.161.73.145 55569 (CRITEO-AS...)
5 142.250.204.1 15169 (GOOGLE)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 1 202.232.238.37 2497 (IIJ Inter...)
3 3 74.118.186.107 6336 (TURN-US-ASN)
1 1 13.115.74.94 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 70.42.32.95 22075 (AS-OUTBRAIN)
1 35.213.12.39 15169 (GOOGLE)
272 59
6    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    151.101.129.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
10    203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net
1    172.217.167.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f8.1e100.net
www.googletagmanager.com
24    142.250.66.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
securepubads.g.doubleclick.net
26    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
scontent-syd2-1.xx.fbcdn.net
5    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
7    142.250.76.110 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net
www.google-analytics.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
1    104.21.96.9 (None, )

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    104.17.238.194 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
1    18.67.93.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-66.syd62.r.cloudfront.net
static.wixstatic.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
1    34.120.190.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.190.120.34.bc.googleusercontent.com
www.rayskyinvest.com
2    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
stats.g.doubleclick.net
2    142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.google.com.au
4    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    13.35.147.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-90.syd1.r.cloudfront.net
tags.crwdcntrl.net
34    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
tpc.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    13.251.250.53 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-250-53.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
1    18.67.93.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-65.syd62.r.cloudfront.net
cnt.trvdp.com
7    142.250.71.66 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net
www.googletagservices.com
1    18.67.111.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-67.syd62.r.cloudfront.net
go.trvdp.com
2    18.67.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-18.syd62.r.cloudfront.net
stg.truvidplayer.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.160 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.35.147.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-94.syd1.r.cloudfront.net
cr-p3.ladsp.com
9    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
5    142.250.67.4 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f4.1e100.net
www.google.com
1    18.67.111.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-78.syd62.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
5    142.250.71.74 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net
fonts.googleapis.com
28    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
www.googleadservices.com
pagead2.googlesyndication.com
4    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
www.gstatic.com
7    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
encrypted-tbn3.gstatic.com
5    172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net
encrypted-tbn2.gstatic.com
14    13.35.147.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-51.syd1.r.cloudfront.net
cdn.holmesmind.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
6    172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net
fonts.gstatic.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
4    52.198.231.167 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-231-167.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
2    54.95.87.91 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-87-91.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
4    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
4    54.249.186.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-186-83.ap-northeast-1.compute.amazonaws.com
adcdn.holmesmind.com
ad.holmesmind.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
8    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
4    139.162.58.205 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1471-205.members.linode.com
gocm.c.appier.net
2    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
5    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
cdn.ampproject.org
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
3    74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    13.115.74.94 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-74-94.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
54 googlesyndication.com
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com
246 KB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
613 KB
29 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147525
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 144636
fcm.holmesmind.com — Cisco Umbrella Rank: 167163 Failed
fcm2.holmesmind.com — Cisco Umbrella Rank: 173804
c.holmesmind.com — Cisco Umbrella Rank: 113739
adcdn.holmesmind.com — Cisco Umbrella Rank: 150729
ad.holmesmind.com — Cisco Umbrella Rank: 108902
101 KB
26 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
542 KB
22 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 942
scontent-syd2-1.xx.fbcdn.net — Cisco Umbrella Rank: 224451
556 KB
12 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 38432
gocm.c.appier.net — Cisco Umbrella Rank: 2674
3 KB
10 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 70918
43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net
12 KB
8 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 151
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
397 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1430
google-bidout-d.openx.net — Cisco Umbrella Rank: 1435
us-u.openx.net — Cisco Umbrella Rank: 532
jp-u.openx.net — Cisco Umbrella Rank: 12041
2 KB
7 google.com
analytics.google.com — Cisco Umbrella Rank: 180
www.google.com — Cisco Umbrella Rank: 2
3 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 302454
6 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 389
110 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
4 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 117
29 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
bidder.criteo.com — Cisco Umbrella Rank: 891
7 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 660
56 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
211 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 32305
go.trvdp.com — Cisco Umbrella Rank: 29634
s.trvdp.com — Cisco Umbrella Rank: 27314
147 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 604
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 630
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 980
s.tribalfusion.com — Cisco Umbrella Rank: 2310
1 KB
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 132876
940 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 20680
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
715 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 24779
3 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 946
bcp.crwdcntrl.net — Cisco Umbrella Rank: 963
13 KB
2 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1583
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19038
2 KB
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 23575
515 B
2 re-news.tw
storage.re-news.tw
re-news.tw
31 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
58 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1649
709 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 8330
454 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
618 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 44651
707 B
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 84862
2 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 21010
595 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1227
848 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1597
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1107
9 KB
1 rayskyinvest.com
www.rayskyinvest.com
31 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6154
177 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3945
6 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 737223
66 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
66 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
91 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 19100
39 KB
0 creditcards.com.tw Failed
creditcards.com.tw Failed
272 51
Domain Requested by
27 tpc.googlesyndication.com 1 redirects a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
cdn.ampproject.org
24 securepubads.g.doubleclick.net 4 redirects reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
20 pagead2.googlesyndication.com reurl.cc
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
20 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
14 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
9 t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
8 ad2.apx.appier.net 4 redirects reurl.cc
8 www.googleadservices.com reurl.cc
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
8 cm.g.doubleclick.net 1 redirects google-bidout-d.openx.net
reurl.cc
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
7 encrypted-tbn3.gstatic.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
7 www.googletagservices.com securepubads.g.doubleclick.net
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 reurl.cc reurl.cc
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 encrypted-tbn2.gstatic.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
5 fonts.googleapis.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
5 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
4 gocm.c.appier.net 4 redirects
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cm-dev-poc.holmesmind.com cdn.holmesmind.com
4 www.gstatic.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
4 a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
4 connect.facebook.net reurl.cc
connect.facebook.net
fcm2.holmesmind.com
3 encrypted-tbn1.gstatic.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
2 b1sync.zemanta.com 2 redirects
2 sync.1rx.io 2 redirects
2 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com static.criteo.net
2 ad.holmesmind.com cdn.holmesmind.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm2.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.com.au reurl.cc
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 scontent-syd2-1.xx.fbcdn.net www.facebook.com
2 cdn.jsdelivr.net reurl.cc
1 googleads.g.doubleclick.net reurl.cc
1 x.bidswitch.net 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
1 t.adx.opera.com 1 redirects
1 cc.adingo.jp 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.fout.jp 1 redirects
1 s.tribalfusion.com reurl.cc
1 a.tribalfusion.com 1 redirects
1 23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.scupio.com cdn.holmesmind.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 encrypted-tbn0.gstatic.com a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net reurl.cc
1 tg.socdm.com 1 redirects
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 www.rayskyinvest.com reurl.cc
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 i0.wp.com reurl.cc
1 re-news.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 storage.re-news.tw reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
0 creditcards.com.tw Failed reurl.cc
272 83

This site contains links to these domains. Also see Links.

Domain
pcnews.cc
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
anymind360.com
R3		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-23 -
2023-09-21		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-08-10 -
2023-11-08		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
re-news.tw
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
tls.automattic.com
R3		 2023-07-17 -
2023-10-15		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 35 frames:

Primary Page: https://reurl.cc/Qz7Rv0
Frame ID: FAFA069F9F43567D4E5DD40FCECD94AD
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: C6E2457F26BD47390AC2BD3EE48683C1
Requests: 30 HTTP requests in this frame

Frame: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42BE227B3D29302F32DF644AB51C31C0
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: EDB6077F7B21F132DAACE3D1C1C54E3A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSKENrj5Y14UDvcqRgO889mgBuHfFTmZQ2jrmGIBHFbpwHCVPX5Eq_xZBd4WcdFiLkJhpPQFV6Kzg6kZ1DNzIBHMidF8RcASSrMpX3HEWZap4zpLUcOnLZxpg6HyW1HZOGDireCjk6M7DBtSH721vHDJXYgHlnPUdrPU9FbwZaPHAh3OBzebD-Ecv1Kt-G5owl19wy5jDj7AC4MEAOXlZFwF1Ru-LrUWU4frkAkui2WxY0eVCQvi2brG8bC1cCoHszzyH00vTolUtEvL1IEcsIDekYfL_SdkPuHG8cmdsBKSz2f8FeoZjkrEx5uRlcZMcHeNvE1lPHrZ3HeCGeq77WAObqzQ&sai=AMfl-YTW7xoIv0xGzWF-TU7bApOYG0bLcCXRYqEja5Kvc5maQa9Idx3sjzkIpbkiG44Dg_fMkB4o-9oO3-hVa3A1b2xdV8P4k5Pzu3dyGXCBm6VBxM9MRNtkM3NSIPL0HmflBXFv1Rn65Bd_phWgZu1R&sig=Cg0ArKJSzFCdpsJhgygwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 94CD4DBB77890ED558491A91F79D6561
Requests: 6 HTTP requests in this frame

Frame: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 549C7C7ADDB10A50A9016435346A3805
Requests: 21 HTTP requests in this frame

Frame: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BB289472D71F9D791E94C22CC3C1F86
Requests: 15 HTTP requests in this frame

Frame: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B911A643F766ACF1A216201816762C9F
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbYdo6HQblDWX444qygH9qGSMoU5pXmufSHcD69T8HuyTVOeaHUC_M7aBjrjulOFyF7zm7X-wPRhJnkrpTVVsZftBvtgG9ja0xqmlhgdDo9Ul_smOFqQnW4Zn9o0jUbn-VvYtzceL0W48FBKyfmI0vuI_DC0h-XBS-ipRZBULcg5CrryWNgoRBzISqdRS0BHHmBRAtYvnGX5i9kMERZsuQfqk9D3Nnljmj-gJixLQsfJsf7OUijLz6bGcsNNRFKCqyAGvNW2sGCSaZ-a3XJtAJnWTy9WpEix3ysNpfr02GjrXZ4XrWgIIvjSEItntOvOX2RltT705X63FVsSiWeijOE0uD5AM0qYo&sai=AMfl-YRqRFqimeutwxTyg9ZzpGlj3yQw0LSuUlzCDyK3n6jd4MFEXELw3qAEuHaDoH0bAQiBh2Kaw4O7a5lNbeTcJW_-jBdCpzd2jw4lh7yHkH5F3-SV55-NXgJcNzL145c8DuBNiQ-kGYFu7fKgzbk&sig=Cg0ArKJSzBeTYxYRZV8uEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9CC937E3120DD7F205AA98D32D9841BF
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEzx3Rsv9BnR8ykaOieEx3Vtj0NxCNBRdRpfirJ0vjzVcMYjSBm9ci5ZsDvWCbnQ7WCqDnoaZr9S1bdvKoGWdTusZWc766IjR70cPs_IggkdapBF4rVx29hUef2e1V4IfOypizpvISek4HsMhGn8W5f843juSLvXix8hVZX0uqZ_Tb4tmgC2Hp1O9jwS2nxG2_47NpJnFsxYKh2ocrFyyOys1KxKqmuuTagQx8zfrhaOqMoLihX_Utv4aUpR11BeyjEsK-A9RHLbJxEZOIxHcVs5Jba5MWKZ1favfOiKDXMK39PBGFnSJR-EBrMtsDsYFEhFMk223CSBeTYOngh8oKbihuPj6ipC8&sai=AMfl-YRtDMAxers6lSTE6yPyILtjaWhh8ML3DUTAZGQey27JbEIhaE_aX7iqmeExTSgA6WGBGiF30PJxgyVfnV8WRHyWjQOccNsB6sljKun3raZeFdPZZFT4c2p4kf87tg3la7_cc5xk8HpQeJkfuNk&sig=Cg0ArKJSzNJE9pMQWr-NEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4B273AF8F23CCEC0699CC8A2337CA96A
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: AB07584533603CF0A411A33F75DEBB5D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A0FAF22D434BCBA94024BA67C5240727
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 732D3BA916DBCEE90714DDA275CA96CE
Requests: 20 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: FA9D99B4FF79D187DBC58AD5EBCE1BC1
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 236C47E2B20D8FCFD3FFE3F2AE9BA1B0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 9B4C061AD9D08435A4ABD4D402C81CC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 079F042450F3099938FCBBC7578067EF
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 6F910CCED09BAEC86D668C0E859D3EDC
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 0CDE9F734191D9BB10BA3168130D08BC
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.827/prtct.php?val=f&geo=AU&timestamp=1694644680&level=0
Frame ID: 41F307158C8E01EE552C909A268151CA
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 0DEC9268FA0D359889966F79C268AA78
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 3DC2D7D9A2728C4C6BBB532486862D9C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 8B910785BA630F6E9D9A2659F29129CF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5083A368C5DFCC0ABF1349DC19DBCA6A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6F8C3FBAE285A036477CD58272FFE84B
Requests: 6 HTTP requests in this frame

Frame: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 79636EED192551395C261A15CFED4027
Requests: 1 HTTP requests in this frame

Frame: https://23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 182EED013853C48D6BD808A65CE0C881
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 13D5C97E3D87D3F3D3DE9783458BF988
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1DB5E0F47BACE6503F74A1BB4B7181C1
Requests: 2 HTTP requests in this frame

Frame: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: EDFB4677DF6CE48B99E713C237E80F1D
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8C83AC8400762748E8DE27CF1CBAC29
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A57B2AEDBAAE80BDF6D443068BA5D856
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C13FFD20A7160A00289E4AD49B9218D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: 2570946C7464C13CC4D0E3462D63BFEC
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 0C0E8CF05D1751796E5450434DEC62F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

URL Shortener - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

272
Requests

89 %
HTTPS

0 %
IPv6

51
Domains

83
Subdomains

59
IPs

7
Countries

3844 kB
Transfer

10216 kB
Size

51
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp&cc=1
Request Chain 77
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=dbeeddfc-dd45-4152-99fa-6c60c8ca3638&ttd_puid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0&gdpr_consent=
Request Chain 78
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQI5x8Co8YUAAJJpySwAAAAA
Request Chain 79
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWzehHGWKiznks8AD7P3vIEX1s8AAAGKkLGw3g
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_P0Xrs_SLxD7clsxMvDXE&google_cver=1
Request Chain 94
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CyZCZxjkCZaylEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBL4CT9BlE7ichz3eUbDZefUYx78MgVzz1ycvBt7YmA0pmSrsfp-YJeK-HET1daSWDejZI2Qfag7rCeASfiIoNOXiPWQvV6OIes7fuYYPQLIJBq8B3-McwQzj0GUM0BywEpLqfB-mpNFTBZO8gTSTm08hnp3pT6DPFhGiftG_5hkc1Ar-9GKNPaHFX6lUShoWhzGLvrNnZp51ZSUsQdlc2wFa2jFavWjmU9DUop_LxObe-gMvMVSrLdnQnZEupXom5bqMcLGl5j09MFhxmEsj_b_DdKLkwFlrBpaauq_FnQBJRb1fEg_GL4I7KUrBf5I8aITjeRg9jM2ZHlDKdffSP0X8THue_ORoETmAo6gvd5GayBzwkV-d94glc1JWYVKf3GV6_xBInoTsuaiWL3uoqw_PKh-c9Cnrn2LXzb_kfDCwwATV0siXlQTgBAGIBc3x2aRGkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5KQxgmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQh4MK0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbGliYWJhLmNvbS-ACgPICwHaDBEKCxDQ7Kvb_pan59ABEgIBA9gTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=eSruRY_Lbu0&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%222685474578863752314%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229760589039714486753%22}&andc=true
Request Chain 121
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CVlIAxjkCZa2lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9DaozwGwGaS55KsE-g4EJ9BYpNjXYrHdBxb806kq6aOhtJ7r16kVBAnf7jBkwqz9WnteiRdJb-TTm2seO5YO8XKAzFB12LB6eZeY6oFyIn-ZvwYzt_FP0qMlyFhKc8E5HrFVDiC8oNASMr24WJElqkSdqUHHf5bDTx06dn3v-bwWN8ZxnxmeO-jyNjAb6Oya66jOuinlU-YduaPI3Smqxxi8uMRyWcN0sab4g4IIiOZPom8-vkA-hcIQ93w4In8nK7KKwLbE9xpLaW9p-rRO9W8sPgPDO7Oz2I-UONClB3QhwSxdSJki6aIxtkgoFIXtWiIO4eG02BA1_2icUxyzJhb0HSPl2H0tW-4S1yg7rqC0B5n4LLwJqUisKbv7niR_js3iWUTKyteMi3HzEb86jnDnTqdjpPxbnidziP7J7hIiXRizcAE1dLIl5UE4AQBiAXN8dmkRpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeSkMYJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIKRAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93d3cuYWxpYmFiYS5jb20vgAoDyAsB2gwRCgsQgN6A6PL415DQARICAQPYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=Dlkq81WhOuU&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%221116328419291835565%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229684307829924590961%22}&andc=true
Request Chain 133
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CIV4_xjkCZa6lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9Ci_xV2nnjPvUveqA20zGNoK-YGhtzrh--CwYmL5QkIW7xGm_yyqr7YWrrwlYLM4AmZKYQWeyB2God-_m4lOJdxeTNDqJqoK2Cnyhbj3O7hb77Zvugs41yn-OaOGg3jFxQnvTax7Bbcu74TxK_hIs5KwiTQOML0015uyDaHN7GFyLWF2TAuXtB6FPK_YnGTgGoN0PrumglYj8nSoaMXWZeuMd8W72saQIdzN34uEh6uRken-uqIPoT5-f0ekBYPydpbELVf6_8ifLKJXO6xW7gxYKCR1mZ7dh8N_wiAcDHpQ_eVVlzOR3OVr39no2nfLCp3ufYNdcYzwwrb3_Xcw2hWv9ozckEvmo7usLO7DHWJH74wavs1g8ZN5G0kE8f0JiEjhdpNDoG0ZG4CsDeWlfIwes5ewsG7c8yBfbyMy1xF5ZGDpMAE1dLIl5UE4AQBiAXN8dmkRpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeSkMYJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEK_eD9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93d3cuYWxpYmFiYS5jb20vgAoDyAsB2gwQCgoQ8PSRgITmi8lHEgIBA9gTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=DrCz_7qxZVk&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%227147018001218390677%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213535001571018700625%22}&andc=true
Request Chain 165
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 169
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 190
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=MJZHirCoARejLUH7yDkCZQ
Request Chain 191
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6KtNIYRKDHC4tBbcyDkCZQ
Request Chain 192
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Jp1iD6wqDm6Pws0ByDkCZQ
Request Chain 193
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=O0RysTGPC-2-9UVJyDkCZQ
Request Chain 231
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8-OzyTkCZe6zGq-B9fwP88ytsA7WlJGrcYKl--OLDP_Ror3AARABINLMgRpgpdiTgJABoAGwuqHXA8gBCakCKtx0aBMBsj7gAgCoAwHIA8sEqgS-Ak_QVBPIPk86lMHt_Rfd3Lwplr8ZKk4s23SdbPviLKqkIkPU9meM1nm6RpnI9E5qcZ-qLyofKcZHvGacb_3qUeK3sIwKMOfF6EYnHm3By-cz0LfhZkuylOKNqEsd_fD2rJYCmX3TA1UiAq8ns8t2xb9kafUif6hqWAJh6b7lMhX-Weg8VjVsFBs8TA1KyebMN2Gk0ysp4U7BoCyWGE9sGJ4OhKuEzO0JmTb6EYUp7MA27knZDeMqgd01sDFJlAa38fa34doQvUzOIWSw1atUAxT7NtsEdF48A_TJI1drX7yT0irbD7lpLc3EaZQ4T_E0azvDpTgku04kb_ETUn7Qs-wblZIuLePAg78b2rAS4Md7asjxg9dIfq763oAbvb6AbUtJZ5fzdS_Lns5znZlD0LitHmRSdonEmg1PgEtXNcAEvd_TuqMD4AQBiAW6y5mWK5IFBAgEGAGSBQQIBRgEoAYugAfK2ptlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOCbDtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mglAaHR0cHM6Ly93d3cua2F5YWsuY29tLmF1L3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZW4uaHRtbIAKA8gLAaIMDCoKCgjktLEC7rWxAtoMEAoKEJCVydby7Jq5CRICAQPYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=Bu76rNeu2Dk&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWUCJj8hjsBvZ0Xu6ScUhlqYTjSwQcxbBzkHKKvPgxrhPHuXWbfrwIRaEjFolojFHkp80xX4vOGAE&template_id=494&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb0ae2bfeaa4f68a0000000000000000%22,%222%22:%220x2ce036c6a37d3310000000000000000%22,%223%22:%220x352650b29767329b0000000000000000%22,%224%22:%220x303ad3662a978d850000000000000000%22,%225%22:%220x8c2308b0460ebf2e0000000000000000%22},%22debug_key%22:%223806709610108942994%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224888067813414182913%22}&andc=true
Request Chain 250
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E HTTP 301
  • https://tpc.googlesyndication.com/simgad/562616355818907787
Request Chain 252
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 253
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEJ7U_ShT1Y6IeOnz2Vc354&google_cver=1&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFVXO0CJi6mMguljujlOS7zqv_keaUJ9BXB2V01b4mAt1UlekAtBQhlZsKsgi2u1X-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFVXO0CJi6mMguljujlOS7zqv_keaUJ9BXB2V01b4mAt1UlekAtBQhlZsKsgi2u1X-w&google_hm=Qld3TGlYZVJuVFM2Q2RialM2M3VLaHZDbHpz&from_google=pc1
Request Chain 254
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELrNk4RY2-62HY8iPpa-QFY&google_cver=1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1694644682643 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-925e8914-b45f-4f06-ac03-295ed6e0c661-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf%26google_hm%3DBJJeiRS0X08GrAMpXtbgxmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf&google_hm=BJJeiRS0X08GrAMpXtbgxmE
Request Chain 255
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEJBg-CrpDRFpgjpd3c7qmNQ&google_cver=1&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRfnAf3hHPfCxw-JfkZsUQXXL1X-sJ83DLpeS02E8t9tPwkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRfnAf3hHPfCxw-JfkZsUQXXL1X-sJ83DLpeS02E8t9tPwkA&google_hm=23dc696e583e10ca72a1fc35fea6112e
Request Chain 256
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS0bcoPF19KurO4S2mlMeHTuJCvAYW8rY5UYtJwiXk35yxWycI1zBhtJhOL03SVS0u7nq9zD_sdhMhvaItM0DJjj9IxUaZeeIDmwaReTCEaRnHhQCm1zStwkV2cjZpt4awLKINs8HvWl-4&google_gid=CAESEHgeTBYoR3T5CHq3oWWZux8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHgeTBYoR3T5CHq3oWWZux8&google_hm=T1BVMDJhMjNiOTlkMWE4NDFmZTg5MzBlMmEwZGRmNmYyOTU&google_nid=opera_norway_as&google_push=AXcoOmS0bcoPF19KurO4S2mlMeHTuJCvAYW8rY5UYtJwiXk35yxWycI1zBhtJhOL03SVS0u7nq9zD_sdhMhvaItM0DJjj9IxUaZeeIDmwaReTCEaRnHhQCm1zStwkV2cjZpt4awLKINs8HvWl-4
Request Chain 257
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEJXB-SxMnSTq9A1YrmEnLno&google_cver=1&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZnpxkoqY75-XwnxWEezQ8g HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEJXB-SxMnSTq9A1YrmEnLno&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZnpxkoqY75-XwnxWEezQ8g&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZnpxkoqY75-XwnxWEezQ8g&google_hm=c2M0M0d0aWszZUY3ZVI2R1pFUDk=
Request Chain 270
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

272 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Qz7Rv0
reurl.cc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
27df82ac2cee597ecea9711540b9d4e19db689397ba2832d21aa2eb552c10a3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:37:56 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Sep 2023 22:37:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
5261218
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-bfi-kbfi7400037-BFI
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Qz7Rv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:56 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 12 Sep 2024 22:37:56 GMT
ats.js
anymind360.com/js/9479/ 		164 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
469d4d0f83b5f36bbf22241eff44e58a8a1c54ed9e64f246fab82c8f9a19e8a9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires
Tue, 12 Sep 2023 09:35:31 GMT
date
Wed, 13 Sep 2023 22:37:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
133345
x-guploader-uploadid
ADPycdsrW4ky9r0EUey_ZYL-xrGjm2bHiSVADQyxcaI4D8jg_tGvhbabX-weVjWwQMa_wTlbovwZXF5C1Wl5lH7VALij2RBssl_2
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39127
x-served-by
cache-tyo11954-TYO, cache-bfi-kbfi7400064-BFI
last-modified
Tue, 15 Aug 2023 07:32:57 GMT
server
UploadServer
x-timer
S1694644677.064763,VS0,VE1
etag
"a251cd6d6d1d7b8a30fd3b078f2341e2"
vary
Accept-Encoding
x-goog-generation
1692084777439942
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=nyYt0Q==, md5=olHNbW0de4ow/TsHjyNB4g==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
39127
accept-ranges
bytes
x-cache-hits
1414, 1
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Qz7Rv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:56 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 12 Sep 2024 22:37:56 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 13 Sep 2023 22:47:58 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
47f779c7c5965819dac2b7aea9a67f6727fa77e0581c1697f9362f68de452bad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93267
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Sep 2023 22:37:57 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
b101c1db54288fd49bd8f58a6e2c94eb465ab50b6ffd4ecb6cb730f16b4520f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29220
x-xss-protection
0
server
cafe
etag
448 / 19613 / m202309070101 / config-hash: 14951070581302255047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:57 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Sep 2023 22:37:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
1342359
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-bfi-kbfi7400037-BFI
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
reurl.cc/javascripts/ 		412 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Qz7Rv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:56 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 12 Sep 2024 22:37:56 GMT
loading.js
reurl.cc/javascripts/ 		134 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Qz7Rv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:56 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 12 Sep 2024 22:37:56 GMT
ga2.js
reurl.cc/javascripts/ 		536 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/Qz7Rv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:56 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 12 Sep 2024 22:37:56 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
1e67ae65bdc6df3d474fb6c5636258e6d130fb30a3b526578c7c12188c1e6b6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Sep 2023 22:37:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52125
x-xss-protection
0
pragma
public
x-fb-debug
AWQHg5l9h1jMGwLHoD8KGPpc9LqD4YrRrkTAM9vYgexHXidBPGb/c8Wo/BssD6zwkB2AQG+mefGUH7gCj6Rh9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame C6E2 		94 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
53dc3aed8964878f7a76010938a889d9cc9f47cd86dcbcc43511c2c4f0b299e5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ATJ7aNV2uHxm2VK2NOxVLw6fLZ1K/p7T86c6NdLPfwIM2CirfjOoPMPQFCTfry7urhjx5XLjnPw9jIXysyM4hA==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
464ca7deadef21ab57506517cdfd0898062c4736181e112a1cf4480337482fee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:57 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1ca9-lyCa6VRv8nNsrH9aY+c5cfm/MJ8"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7337
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 21:07:25 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5433
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Sep 2023 23:07:25 GMT
1694622634-29b2710b398d2f605d2cd437c9e75497-721x525.jpg
img.gbyhn.com.tw/2023/09/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/09/1694622634-29b2710b398d2f605d2cd437c9e75497-721x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a51a33a8c3b83a167c83a13478243994ea66125ef756101405928389f5d6f79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8249
alt-svc
h3=":443"; ma=86400
content-length
66661
last-modified
Wed, 13 Sep 2023 16:30:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x47abpmzexO3f0KZbXTArNJUVyj%2BXqXP%2FwCocUmWBeAbW2IzLmVrRgm4npj9e58XyRdu9nH%2BMocoYdOx1JaFc4tah6neF9iu4PSyLr8jqTryzYN96bpoWqMou1lo5uSSvYrB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8063e0b63f3faae1-SYD
expires
Wed, 20 Sep 2023 16:34:46 GMT
%E6%96%B0%E5%85%89%E6%97%A5%E8%88%AA%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E5%9C%8B%E5%A4%96%E6%B6%88%E8%B2%BB%E5%92%8C%E6%97%A5%E8%88%AA%E5%AE%98%E7%B6%B2%E6%9C%80%E9%AB%98-NT40-1-%E5%93%A9-1080x630...
creditcards.com.tw/wp-content/uploads/2023/09/ 		0
0
image_5025566_40972072.jpg
mma.prnasia.com/media2/2208417/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2208417/image_5025566_40972072.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.238.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86535cc2caf75bac3415ae716f14ecc90df2d41224e3c4b9f33cf6b730e8c255

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
cf-cache-status
HIT
age
31259
x-powered-by
ASP.NET
server-timing
intid;desc=9f3bd94f404cb525
content-length
66704
cf-bgj
h2pri
last-modified
Wed, 13 Sep 2023 13:50:06 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8063e0b62a7e54f7-SYD
access-control-allow-headers
Content-Type
expires
Wed, 13 Sep 2023 13:50:07 GMT
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
2023090215043533.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/09/2023090215043533.jpg?resize=150%2C150&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
717097102d91fa2f9c7122d387fb7f8c25bc9c7dda56c1b1cde19f0b26e2acf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-nc
HIT syd 1
date
Wed, 13 Sep 2023 22:37:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Sep 2023 14:36:31 GMT
server
nginx
etag
"318df09f51d0979b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/09/2023090215043533.jpg>; rel="canonical"
content-length
6114
expires
Mon, 08 Sep 2025 02:36:31 GMT
file.png
static.wixstatic.com/media/8d2acb_9168c505dbaf42eab957c535a2c39aa3~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/8d2acb_9168c505dbaf42eab957c535a2c39aa3~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-66.syd62.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
1418f2ac3ffc9157e260a4b35e6253c80142817520c07ed6e933c5ae9580e846

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-seen-by
image-manipulator-6b469b496d-qnz5x
date
Wed, 30 Aug 2023 15:20:20 GMT
via
1.1 google, 1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
SYD62-P1
age
1235858
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
CKmNv76yGPzSgURVgzV0SzrDMZl2sgJiGaUvIxXAWxbGrqbb902hmg==
content-length
181097
wix-tracer
2Ui3xXc8MDUmCpJNB8VKEJRaxMD
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
strict-transport-security
max-age=31536000
x-ac
2.syd _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Wed, 20 Sep 2023 22:37:57 GMT
ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.120.190.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.190.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Wed, 13 Sep 2023 22:37:57 GMT
expires
Thu, 12 Sep 2024 21:30:27 GMT
last-modified
Thu, 30 Mar 2023 16:44:53 GMT
server
nginx
etag
"6425bc85-7a08"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31240
x-cdn-c
all
x-sg-cdn
1
1675200226052423
connect.facebook.net/signals/config/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.126&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
6b09e44a969207b0ea3bc45ad72da4261acc92859f1606bca1d9b55341fec29b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Sep 2023 22:37:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58010
x-xss-protection
0
pragma
public
x-fb-debug
sBCtRcYevcsibApYTewfXI6Vwo/878yz3KusqvO8SiTnvzvw9h6csPR/Zt2uPiuSYdTVFu2le6HjosRfXft7Kg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1694644677869&sw=1600&sh=1200&v=2.9.126&r=stable&ec=0&o=28&fbp=fb.1.1694644677866.376816815&cs_est=true&pm=1&hrl=29680f&it=1694644677844&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Sep 2023 22:37:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1h3Sp4JgmPY.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ Frame C6E2 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/1h3Sp4JgmPY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
48c5c53db7bb6b4b9c393ab98701ba3c03398470c1110678a09d50ec31ad9db9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4KBK0CE4Ztb99WTkY5RAbw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5290
x-fb-debug
KhuNIHY93jjp6CaAmQ96yGI4STMwcwyA64RAo9AY5qiwTCnQ86oILTMM6t8v02U4Pha84Lisl/CdyVPED1KjfQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 17:46:32 GMT
LqjT5yr2aiX.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame C6E2 		61 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/LqjT5yr2aiX.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
2c2e3ecf33f22d3afb5e42ea8c90d721bae4496c24bbbc2bc7d446a5a75a25d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q/YjW/cJPTIHh8HfKZcHtw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12345
x-fb-debug
mxGLNeiQckKkthT44naociPpI4VP1rb+ykerZMH1k7cRcgFJVqvtA7aVFFubwVmuZ4sPFJimQ7WIOs6sc/8W/Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 16:24:16 GMT
ZYdYOlMC7CT.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame C6E2 		315 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ZYdYOlMC7CT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9634e751ba4540ee9129631b8cc0ce43e568beb8ee008d4c6a3d088b2255ab59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mSrNNKGNBzjDaGrB0761XA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85894
x-fb-debug
5K4bSc2J7nU2xK1b/JvAV105UdxNHDOA8erLDiGmRBlcXTMmN8peagPcBRXkeu77iUW2UPJq9TqUkD/BlKx/Ew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 01:45:36 GMT
wWRM6M0Ji16.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame C6E2 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/wWRM6M0Ji16.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
bda989a7ce240730a0713822b28be9c7a529bc69f15514dfd925f0e650664709
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cSvC7dgP+IAKNygEiYlecw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27717
x-fb-debug
HWLT4sKlLyvvnA2DwA2OPT95ORzil7oDEfJvMQRuX4kLPJuaWa6Cyr+xA3RdPTLreB1jeDHIeC0aHlsAOjY0DA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 01:26:50 GMT
Qto6lZB1h_E.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame C6E2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/Qto6lZB1h_E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fzNYTRpcsZeVNcWDrqrE9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-debug
aSNyA5DU7jky1BmzjUOxBwNWocXevVTiJZxiYV7fc0Knw8QYOPncG6gXRNsAqly85QSCoZmckPvzapW9hFM7fw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 11:10:59 GMT
x-J4GW9p3-K.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame C6E2 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/x-J4GW9p3-K.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9f91b41b85237749c20e054caad339d8ec0cfd1e4c5b5ac129d0f2618e319200
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JZH9N8wokVrg9JyKrlxXVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14066
x-fb-debug
0pWV4ajTUDXzUhKX187hKa0TJsLbXpN+87teK0mu98L7M8gsLYnVG4HTL5apksgjzHlGY3EezbgkfNxY10babw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 07 Sep 2024 19:09:00 GMT
k_3JxT-AW1I.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yt/l/en_GB/ Frame C6E2 		235 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yt/l/en_GB/k_3JxT-AW1I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9a3fa7683f5a44d88ea848846175cc72f566df54ab401df83df3b296beb28a6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/SaEY0Zj9pNhb9bThbHAaw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67138
x-fb-debug
aecnsZ38vD0bmJ6KmdPv+7oSq/udsM7EiPV6AckK466Y4aieDu2k5aAKSvR4EtE9e12iw8l7+sIlwqsCmGW2lw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 08:42:07 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame C6E2 		507 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
DaL2XkqB2+fGuIGmtetOF3n94/5pG7U1+mYLCbFyE8NiQL6UNfrnym14IDhVSkIPOLkz4zxmEx2zo2Z9zu7Pqw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 01:27:58 GMT
SN-C8KZE0Ll.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yA/l/en_GB/ Frame C6E2 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yA/l/en_GB/SN-C8KZE0Ll.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
6a7e35c9c839ed3385442506b695930bb76874bca93be694fd2ce9b8f108ab4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZrL0yLhzx2PI7GERGFNQIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29942
x-fb-debug
Nimz0eQhiYv57KB9ho49wtF93VnyYCwAkzvnOYSfpARTAeoO1gkqVXGOZPiBne+XS0qA26ubxkw92VmIISMMYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 11 Sep 2024 21:19:49 GMT
WMsZOCMa-Lc.js
static.xx.fbcdn.net/rsrc.php/v3ixGJ4/yk/l/en_GB/ Frame C6E2 		340 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ixGJ4/yk/l/en_GB/WMsZOCMa-Lc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
95bc3b64bd85d6732c31fc5a61becdb11de8ef9fc6fa0f55761397a4144d9639
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qfxM0FnfiG0C5ixVUE2omQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81941
x-fb-debug
0ie6aE59MkUH2fLvksTXHQwJ6kKHSGO71IRLJk/ZSB2xWwtK0doc+huas6EV4VhsxBKSp7ZmlqVkb3nIOQuoRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 07 Sep 2024 01:39:54 GMT
OxO2OOLWD4a.js
static.xx.fbcdn.net/rsrc.php/v3iac54/yf/l/en_GB/ Frame C6E2 		394 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iac54/yf/l/en_GB/OxO2OOLWD4a.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
5f6e0bce5c9dd54ac1057dbf990b22e8e2e601bcc67244a1c7abbcc1199fce2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/jyEp8WmyMvGCP9DjHC5zw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95072
x-fb-debug
MzZ0esUUQ5GYny/JKuUYL1PLZw77koQQAQcllr1hJzt5YtN+HguiTiAGplTc1gdguoF/eS+2crYfHPiMzQDt2w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 01:28:04 GMT
irX8PSIfYqy.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame C6E2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/irX8PSIfYqy.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
9f0bc12855454bf37b26e71b2052fac720d6095b4da5639de8f17d150ee6afe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IYRj+09SfXx2ymyO7xZtDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4252
x-fb-debug
KVYC+D2wBSq2as13QN3Rjx0uqC5dpcC+QknmoPOPoVInfq1KW81plc+xrmOMVegCMQz/Gj+0grhgQW/yGpghXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 17:46:32 GMT
_TD-JJIWHWN.js
static.xx.fbcdn.net/rsrc.php/v3ibcU4/yY/l/en_GB/ Frame C6E2 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ibcU4/yY/l/en_GB/_TD-JJIWHWN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
172f222cc4695fcaafb44cf1805be610b1b29e1ef50a18488a8f3f368754975c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
U+AayL0ghdaNt/ZcwMUZhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13068
x-fb-debug
SWn5RBXFMhpIQwcp1qbCFa2IAUFG4dY/Os0rNVwXxOM9Un0AWo4FYUiNKJh8clggcROeZbiI/vilaK2s3FkhnA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 02:41:07 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame C6E2 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
x-fb-debug
ZocjrEGYJF7WxjS51+DbPQ1bNbc7JM53o8dFdLnHl3iR6gfc2UtDj+4E0L+E2OWq8ooHp7uft4ZlQR5iXpry3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 04 Sep 2024 17:48:42 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/ Frame C6E2 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=649c01&_nc_ohc=z-Ea_f9djBQAX9-WXJv&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBIT9484dpibwymSZppPzoheilz-Tz_Q0dnAXDDN2nuxQ&oe=6506D305
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBA6WTqD1dPMq66N2SslPPP9FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/ Frame C6E2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-syd2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=_pYxk2z6lEoAX9DYnei&_nc_ht=scontent-syd2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBLTIylnrMR0gOdxzWiMPGv31dVncrnrgK3beH0FJT4Uw&oe=65078CD5
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBDRXhaRoyOr3yYBfObUSJgvFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1692201647&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FQz7Rv0&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1535993018&gjid=1931366808&cid=1598782723.1694644678&tid=UA-102456694-1&_gid=1818783863.1694644678&_r=1&_slc=1&z=1850932818
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1692201647&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FQz7Rv0&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1598782723.1694644678&tid=UA-102456694-1&_gid=1818783863.1694644678&z=1766535864
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 01:56:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74501
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/ 		407 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
cdfaa72b458fb25ea103ecf2d40e5e253f76bda53575d8ff1fa3cc74be9188d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 11:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
41055
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131482
x-xss-protection
0
server
cafe
etag
16108570608941028100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Sep 2024 11:13:43 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je39b0&_p=1692201647&_gaz=1&cid=1598782723.1694644678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694644678&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FQz7Rv0&dt=URL%20Shortener%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1598782723.1694644678&gtm=45je39b0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1598782723.1694644678&gtm=45je39b0&aip=1&z=1135166675
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Sep 2023 22:37:59 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
532515
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8063e0b6cad0a93b-SYD
expires
Sat, 16 Sep 2023 22:37:58 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 23:22:34 GMT
content-encoding
gzip
age
1898124
x-guploader-uploadid
ADPycduruLX3CkRCvjM4D44BJwbJMdkXirVGl_ZIKT7D8F6JxxeJwBTkUWv34758RtnE9Wk3QelmsLsDnwrBMePD-zM0Cw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 21 Aug 2024 23:22:34 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
db1deb5e22ea5efd98be1b77fa39df5e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-90.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 16:57:09 GMT
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
20450
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0s152aX_KxZUpox3Zxr7X5Sc5QpC4eIA4f6drjd1cQJPH3ocRj-5AA==
ads
securepubads.g.doubleclick.net/gampad/ 		453 KB
71 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2651025660211419&correlator=1164277159809755&eid=31077483%2C31077696%2C20222282%2C21065725&output=ldjh&gdfp_req=1&vrg=202309070101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694644678173&lmt=1694615878&adxs=245%2C1005%2C245%2C625%2C245&adys=548%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FQz7Rv0&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1598782723.1694644678&ga_sid=1694644678&ga_hid=1692201647&ga_fc=true&dlt=1694644676695&idt=1450&cust_params=url%3D%252FQz7Rv0%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
968764c98a1c96d98c665926905742035414ba3d611a95f04f7d4558885db021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72267
x-xss-protection
0
google-lineitem-id
-1,-1,-1,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2651025660211419&correlator=1164277159809755&eid=31077483%2C31077696%2C20222282%2C21065725&output=ldjh&gdfp_req=1&vrg=202309070101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694644678182&lmt=1694615878&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FQz7Rv0&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1598782723.1694644678&ga_sid=1694644678&ga_hid=1692201647&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmtzGhakxSABSAghkEhsKDDMzYWNyb3NzLmNvbRia3MaFqTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YmtzGhakxSABSAghkEhcKCHJ0YmhvdXNlGJrcxoWpMUgAUgIIZBIUCgVvcGVueBia3MaFqTFIAFICCGQ.&dlt=1694644676695&idt=1450&cust_params=url%3D%252FQz7Rv0%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
2c54d1d941892b04f991723aa500f94e73b925618258b631d2cb9b096b0f5870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12135
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:58 GMT
expires
Thu, 12 Sep 2024 22:37:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		8 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1598782723.1694644678&jid=1535993018&gjid=1931366808&_gid=1818783863.1694644678&_u=IEBAAEAAAAAAACAAI~&z=1778570884
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a5e8070ff2fbd251cf7ea20bc66ab0067bcf65ef15acc10a19acf1b28f310d8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-yozD1sidfGXt+I3bdD/kHpQyYCM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FQz7Rv0&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
t.ssp.hinet.net/ 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
26fc2025d1cf7cab66516991b351dc91b296a72b0b63953556026898cb608884
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
map
bcp.crwdcntrl.net/6/ 		235 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.250.53 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-250-53.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b88385fcaa220254cf2b6400d71d84af2c84544674b31711f2c815f66d3c7b59

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.20.145
access-control-allow-credentials
true
content-length
235
expires
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame C6E2 		573 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/1h3Sp4JgmPY.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/1h3Sp4JgmPY.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
e9pjvSnbonqRRM/+tHtz2y/KC26iumClHte3wAUY7Am01h3M+CDy7Aa/pj+7vgvIslvr9l2dMM34honL9RPcGQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 18:18:27 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame C6E2 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame C6E2 		907 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yA/l/en_GB/SN-C8KZE0Ll.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
1178ad40da093040499e1066fa9f4fb8fe9e3b8023efc29e94dd83fe389c73c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
T3bD3-iX_OAwc2AheTbodu
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 22:37:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
v3X2lmSimW8vtsXhBl4QM8qMst7y4nCR+SS2N9N9QM7vI90kRI7U/tdubbKhnje/Tg3TqaLl9UXNzLBIOn7TSw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame C6E2 		907 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yA/l/en_GB/SN-C8KZE0Ll.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
39df275e8da264770b285db6e0735133fbac27e821f8a0ad978e2ff63b5ab2f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
T3bD3-iX_OAwc2AheTbodu
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 13 Sep 2023 22:37:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
pragma
no-cache
x-fb-debug
OQhuFLBHSkenkvXlBngsH/IG1cxSg8sRQwA22lARx61RAJEjjXanPxZDEz8GtD9dH8kpyJjTyvgWhzRiUdbpoQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=43be7e26-d680-4a57-a5c1-d579318138c0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
Zj4GuFghQl4.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame C6E2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ZYdYOlMC7CT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dBSAisRg2e2k/EbKxbTt7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3450
x-fb-debug
RF63zXL2iBshUmCrBy5qi0kUr0SiUcptS+mQ+f02tCi3NfKc1LROnsw/7/yLLSwdmEfZlQyPWTsmT7CukVDycQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 08:41:45 GMT
InF7QPIKAxe.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame C6E2 		338 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/InF7QPIKAxe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ZYdYOlMC7CT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
c2e5878ccb3c79ee989e7ff4667123dc7435b54579f14093a597f7d4a8d06d83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
TBJ4FwfN4knXLfxQCDACLQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74733
x-fb-debug
x41p664zFHB49J2rSpv47SHF8hmzOO1/5M5TtVAYMnuryQ2Va+St2heg+tpXZm5UxpPI3zfGgiadfdflNBY1NA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 02:38:12 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame C6E2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/LqjT5yr2aiX.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/LqjT5yr2aiX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
x-fb-debug
ff3fxw7YoAdPhyQ/na0WyusBBQVET2ELxdMOmw2DjufN1GxVy27a9PrsPWInIGka/kowpuvsju6WGhCoggU4SA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 29 Aug 2024 23:05:26 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame C6E2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/1h3Sp4JgmPY.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/1h3Sp4JgmPY.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
x-fb-debug
wNFmSauE9d4x1j3xfnZlHyio1EKm2gCfK0iwrbIevveRK1IoK7Fao0pNW9IG+/TsGctsvDIRzPkcwuljtEYHQA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Sep 2024 02:46:32 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame EDB6 		484 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fb3355776c8def8fbbb0aca3d3b1c6e812196a8683e11565249cecf12c06ce92

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
310
content-type
text/html
date
Wed, 13 Sep 2023 22:37:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame C6E2 		198 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ZYdYOlMC7CT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
content-md5
gixzAcHA/hBBjzjO9Ez8tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
198
x-fb-debug
+JyeBfkNzqQtNMjzHXGor5Ty65uNjukOFB1sIJVfQF6o/AXXnpD4QatlqQHhqHUp1zviZxHaCGWc6+xdvEBzsg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 12 Sep 2024 03:14:44 GMT
/
www.facebook.com/login/ Frame C6E2 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 94CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSKENrj5Y14UDvcqRgO889mgBuHfFTmZQ2jrmGIBHFbpwHCVPX5Eq_xZBd4WcdFiLkJhpPQFV6Kzg6kZ1DNzIBHMidF8RcASSrMpX3HEWZap4zpLUcOnLZxpg6HyW1HZOGDireCjk6M7DBtSH721vHDJXYgHlnPUdrPU9FbwZaPHAh3OBzebD-Ecv1Kt-G5owl19wy5jDj7AC4MEAOXlZFwF1Ru-LrUWU4frkAkui2WxY0eVCQvi2brG8bC1cCoHszzyH00vTolUtEvL1IEcsIDekYfL_SdkPuHG8cmdsBKSz2f8FeoZjkrEx5uRlcZMcHeNvE1lPHrZ3HeCGeq77WAObqzQ&sai=AMfl-YTW7xoIv0xGzWF-TU7bApOYG0bLcCXRYqEja5Kvc5maQa9Idx3sjzkIpbkiG44Dg_fMkB4o-9oO3-hVa3A1b2xdV8P4k5Pzu3dyGXCBm6VBxM9MRNtkM3NSIPL0HmflBXFv1Rn65Bd_phWgZu1R&sig=Cg0ArKJSzFCdpsJhgygwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:37:58 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame 94CD 		535 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-65.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:43:33 GMT
via
1.1 a8d63eee2fd456f0e1e6772e38461220.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
12671666
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
EKHsuCy4y4kyf-AKUTbtnGIqAqdIKMW6cauN6qsCU01rUPWNpgheBw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94CD 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
/
www.facebook.com/login/ Frame C6E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/ZYdYOlMC7CT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Sep 2023 22:37:58 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
VMkw4CIaecQuDx1q4wSMXhyGy0x64baZCDbqj5n6wDEly7ZLDWovmML0aGy/ipR6lkQ5cQindRnkJubedxGKXg==
x-frame-options
DENY
x-xss-protection
0
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-67.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:30:28 GMT
via
1.1 74ae22067fef6f6228fb9f864f22f58a.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
1818450
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
MCACvZwIGvgOdItmVpExYdWiVh30lTes-i9mTehH5iF0SSpqPuhE3g==
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=9106.74741613466&pid=5434&url=https%3A%2F%2Freurl.cc%2FQz7Rv0
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-18.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
85d8da28d874dbd74e5513e5dea377b088aba0b5bcc8ffe63965e1359e7fd3e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
content-encoding
gzip
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
Dk_hQqfIWXOGHo2TzjIHtpL9kwyq1DvEXjqk78RrtdK03Jf-ZUa3Sg==
sd
us-u.openx.net/w/1.0/ Frame EDB6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=dbeeddfc-dd45-4152-99fa-6c60c8ca3638&ttd_puid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=dbeeddfc-dd45-4152-99fa-6c60c8ca3638&ttd_puid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=dbeeddfc-dd45-4152-99fa-6c60c8ca3638&ttd_puid=f7688949-0e80-7d1a-c5f5-afa7234320cf&gdpr=0&gdpr_consent=
date
Wed, 13 Sep 2023 22:37:58 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame EDB6
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQI5x8Co8YUAAJJpySwAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQI5x8Co8YUAAJJpySwAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 13 Sep 2023 22:37:59 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.163","key":"ZQI5x8Co8YUAAJJpySwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad54"}
X-SO-Key
ZQI5x8Co8YUAAJJpySwAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad54
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZQI5x8Co8YUAAJJpySwAAAAA
Cache-Control
private
X-SO-HostName
m-ad54.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
66.203.112.163
sd
jp-u.openx.net/w/1.0/ Frame EDB6
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWzehHGWKiznks8AD7P3vIEX1s8AAAGKkLGw3g
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWzehHGWKiznks8AD7P3vIEX1s8AAAGKkLGw3g
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWzehHGWKiznks8AD7P3vIEX1s8AAAGKkLGw3g
cache-control
no-cache
content-length
0
x-amz-cf-id
gSyrwtxolM5kUrVqlWznFsUR0XYiJmo9xXeUuuHcRw8VkmyXqWlWew==
expires
-1
pixel
cm.g.doubleclick.net/ Frame EDB6 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGIwNzVhODMtYzdmNy0yM2JlLWQwMTUtZjUxZWU5YTFlZWFm
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EDB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_P0Xrs_SLxD7clsxMvDXE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_P0Xrs_SLxD7clsxMvDXE&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_P0Xrs_SLxD7clsxMvDXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1598782723.1694644678&jid=1535993018&_u=IEBAAEAAAAAAACAAI~&z=2046934213
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1598782723.1694644678&jid=1535993018&_u=IEBAAEAAAAAAACAAI~&z=2046934213
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:37:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=43be7e26-d680-4a57-a5c1-d579318138c0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:58 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net/pixel?bd=43be7e26-d680-4a57-a5c1-d579318138c0&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
bz
www.facebook.com/ajax/ Frame C6E2 		0
0
bz
www.facebook.com/ajax/ Frame C6E2 		0
0
float.js
s.trvdp.com/scripts/v5.827/ 		469 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.827/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-78.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 16:29:00 GMT
content-encoding
gzip
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 12:00:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
367739
etag
W/"6d4b82c5e77085c209494ce7e5eca2fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
i1sbwIe6ONk_eVLVMuAb9mnRugN6iJGS7xJhW-lm0qYi_Jhu7QScfQ==
cors
rt.ad-score.com/score/ 		52 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=AU&l4=desktop&l5=5.827&cb=0.8521361980067248
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 22:37:59 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
container.html
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 549C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:58 GMT
expires
Thu, 12 Sep 2024 22:37:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyZCZxjkCZaylEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBL4CT9BlE7ichz3eUbDZefUYx78MgVzz1ycvBt7YmA0pmSrsfp-YJeK-HET1daSWDejZI2Qfag7rCeASfiIoNOXiPWQvV6OIes7fuYYPQLIJBq8B3-McwQzj0GUM0BywEpLqfB-mpNFTBZO8gTSTm08hnp3pT6DPFhGiftG_5hkc1Ar-9GKNPaHFX6lUShoWhzGLvrNnZp51ZSUsQdlc2wFa2jFavWjmU9DUop_LxObe-gMvMVSrLdnQnZEupXom5bqMcLGl5j09MFhxmEsj_b_DdKLkwFlrBpaauq_FnQBJRb1fEg_GL4I7KUrBf5I8aITjeRg9jM2ZHlDKdffSP0X8THue_ORoETmAo6gvd5GayBzwkV-d94glc1JWYVKf3GV6_xBInoTsuaiWL3uoqw_PKh-c9Cnrn2LXzb_kfDCwwATV0siXlQTgBAGIBc3x2aRGkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5KQxgmoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQh4MK0ggUCIBhEAEYHTICigI6AoBASL39wTqaCRhodHRwczovL3d3dy5hbGliYWJhLmNvbS-ACgPICwHaDBEKCxDQ7Kvb_pan59ABEgIBA9gTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=eSruRY_Lbu0&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:37:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 549C 		2 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 20:52:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 22:37:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 549C 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 549C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CyZCZxjkCZaylEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBL4CT9BlE7ichz3eUbDZefUYx78MgVzz1ycvBt7YmA0p...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb7...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%222685474578863752314%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229760589039714486753%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"2685474578863752314","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"9760589039714486753"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:38:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"2685474578863752314","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"9760589039714486753"}&andc=true
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame 549C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 549C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 549C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 549C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame 549C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 00:15:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:15 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 549C 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQtTvDLjyecQnuM7E4ji_TkWZ7o4Y__whqTHPFH4__L_oMs9KE28-ua9E1ElQ&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
a45a9b5f85cf37148358c9c59f1a61fddd5626d493e20ab4074b27e1f614b88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 15:56:56 GMT
x-content-type-options
nosniff
age
110463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36094
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 03:43:02 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Sep 2024 15:56:56 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 549C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS_Bj2clIYNRMZzGjQ1TsGrqmWO7OHyucT2G9KlrhGnzx-Eu8dEwLvBtOsy6A&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
effd2fcad6c850f8a795002e4635fcb96c4ddc28737f41c8d5c931d33bc105e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 18:07:00 GMT
x-content-type-options
nosniff
age
361859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24348
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 01:26:47 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 18:07:00 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 549C 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRrFUkqUhw4ELw5OcWuvZAATSaagGBJkz5JoXYchLChdnJdkz_qw5w9JKMWZA&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
b80219a642dcc8046dafaa546df0257ff089d96c3e240f1d00b520e019d20c5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 12:12:27 GMT
x-content-type-options
nosniff
age
469532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23753
x-xss-protection
0
last-modified
Fri, 27 Sep 2019 07:22:16 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Sep 2024 12:12:27 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 549C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSAKi0tuqFALektY2Hy04OKQVoW0v93uJ5mCOL1Xu36yN0sQVAwP4uvbDTMRw&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
3d7a4c1f3001c103fe0498e091be41cbbd42715796be427ed307d53ad5c46233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 19:27:14 GMT
x-content-type-options
nosniff
age
529845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Sun, 24 Sep 2023 03:52:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Sep 2024 19:27:14 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 549C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT0IBYTgSQIBgYLMc7HwReJ9u1I25ZwNXIF4HTU-KjA56uN-omnPWxTqXAJ2cM&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
69ed201ea565fbfb6b8667a25451afa638187a1e9953f1b2556df0b843c79372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 17:50:20 GMT
x-content-type-options
nosniff
age
17259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21685
x-xss-protection
0
last-modified
Wed, 06 Sep 2023 03:30:57 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Sep 2024 17:50:20 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 549C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQGSFnJLyvqhEZ38a4LgkJK-gBLbiKdpDH283davIJrESU5ucFyL8nj1n9oag&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
548eb8ba3d9a0c8060d3a664683c05dabfca2fe127b148bbe1a5e15710c1fd7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:22:34 GMT
x-content-type-options
nosniff
age
461725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27150
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 02:31:25 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Sep 2024 14:22:34 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 549C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRtgCN-eb4AlimjNpZg3rKOorCrG6pr1E-LnF8zBsE0VQnlCKLoBLLfl3P0sw&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
32d01faca01fcddf8e4dc2c781b1c1b2ad2253288bc3f69dbcf655b09074e3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 01:59:20 GMT
x-content-type-options
nosniff
age
592719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34061
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 03:53:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Sep 2024 01:59:20 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 549C 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTXHsp8j7s0d2eqCYQpa41V4Xx3DiMzMlo7_90wsjagS7is5yvaZDq9-p9cdA&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
f9a204f2807c0a6b602121827f675658aeb79379f60a144aff095fce04e066bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:34:44 GMT
x-content-type-options
nosniff
age
345795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20836
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 01:31:52 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 22:34:44 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 549C 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMzno35dCud-qq3pVafGSKbvZQfsyHysbMQS5408HvWxeABig&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 11:45:25 GMT
x-content-type-options
nosniff
age
384754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18500
x-xss-protection
0
last-modified
Wed, 17 Apr 2019 09:55:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 11:45:25 GMT
truncated
/ Frame 549C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfb4cc6a48948db13a4e89f69cd440da8fef4e4e1bbd6fc8d4b0d18a9599bb5b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
container.html
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:58 GMT
expires
Thu, 12 Sep 2024 22:37:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B911 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:58 GMT
expires
Thu, 12 Sep 2024 22:37:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9CC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbYdo6HQblDWX444qygH9qGSMoU5pXmufSHcD69T8HuyTVOeaHUC_M7aBjrjulOFyF7zm7X-wPRhJnkrpTVVsZftBvtgG9ja0xqmlhgdDo9Ul_smOFqQnW4Zn9o0jUbn-VvYtzceL0W48FBKyfmI0vuI_DC0h-XBS-ipRZBULcg5CrryWNgoRBzISqdRS0BHHmBRAtYvnGX5i9kMERZsuQfqk9D3Nnljmj-gJixLQsfJsf7OUijLz6bGcsNNRFKCqyAGvNW2sGCSaZ-a3XJtAJnWTy9WpEix3ysNpfr02GjrXZ4XrWgIIvjSEItntOvOX2RltT705X63FVsSiWeijOE0uD5AM0qYo&sai=AMfl-YRqRFqimeutwxTyg9ZzpGlj3yQw0LSuUlzCDyK3n6jd4MFEXELw3qAEuHaDoH0bAQiBh2Kaw4O7a5lNbeTcJW_-jBdCpzd2jw4lh7yHkH5F3-SV55-NXgJcNzL145c8DuBNiQ-kGYFu7fKgzbk&sig=Cg0ArKJSzBeTYxYRZV8uEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 9CC9 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
HQWMcGU6N9KrfwUZpeJoaEhU8hyygoVL
date
Wed, 13 Sep 2023 22:37:26 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 00:37:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
34
x-amz-server-side-encryption
AES256
etag
"765bc7e6ddd2b07161d6312a6db8df41"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6175
x-amz-cf-id
AfSW9lah8Mkwp8V59qCRFVC5F0E1NdIYAjJojSO3C6fEILND9lDoBg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CC9 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEzx3Rsv9BnR8ykaOieEx3Vtj0NxCNBRdRpfirJ0vjzVcMYjSBm9ci5ZsDvWCbnQ7WCqDnoaZr9S1bdvKoGWdTusZWc766IjR70cPs_IggkdapBF4rVx29hUef2e1V4IfOypizpvISek4HsMhGn8W5f843juSLvXix8hVZX0uqZ_Tb4tmgC2Hp1O9jwS2nxG2_47NpJnFsxYKh2ocrFyyOys1KxKqmuuTagQx8zfrhaOqMoLihX_Utv4aUpR11BeyjEsK-A9RHLbJxEZOIxHcVs5Jba5MWKZ1favfOiKDXMK39PBGFnSJR-EBrMtsDsYFEhFMk223CSBeTYOngh8oKbihuPj6ipC8&sai=AMfl-YRtDMAxers6lSTE6yPyILtjaWhh8ML3DUTAZGQey27JbEIhaE_aX7iqmeExTSgA6WGBGiF30PJxgyVfnV8WRHyWjQOccNsB6sljKun3raZeFdPZZFT4c2p4kf87tg3la7_cc5xk8HpQeJkfuNk&sig=Cg0ArKJSzNJE9pMQWr-NEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 4B27 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
HQWMcGU6N9KrfwUZpeJoaEhU8hyygoVL
date
Wed, 13 Sep 2023 22:37:26 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 00:37:14 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
34
x-amz-server-side-encryption
AES256
etag
"765bc7e6ddd2b07161d6312a6db8df41"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6175
x-amz-cf-id
xMlLUWEEhmKS2_5HPx2S2ZLMPlbJaR9PEIp7eBCX2oSXClztp0lUgw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B27 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVlIAxjkCZa2lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9DaozwGwGaS55KsE-g4EJ9BYpNjXYrHdBxb806kq6aOhtJ7r16kVBAnf7jBkwqz9WnteiRdJb-TTm2seO5YO8XKAzFB12LB6eZeY6oFyIn-ZvwYzt_FP0qMlyFhKc8E5HrFVDiC8oNASMr24WJElqkSdqUHHf5bDTx06dn3v-bwWN8ZxnxmeO-jyNjAb6Oya66jOuinlU-YduaPI3Smqxxi8uMRyWcN0sab4g4IIiOZPom8-vkA-hcIQ93w4In8nK7KKwLbE9xpLaW9p-rRO9W8sPgPDO7Oz2I-UONClB3QhwSxdSJki6aIxtkgoFIXtWiIO4eG02BA1_2icUxyzJhb0HSPl2H0tW-4S1yg7rqC0B5n4LLwJqUisKbv7niR_js3iWUTKyteMi3HzEb86jnDnTqdjpPxbnidziP7J7hIiXRizcAE1dLIl5UE4AQBiAXN8dmkRpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeSkMYJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIKRAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93d3cuYWxpYmFiYS5jb20vgAoDyAsB2gwRCgsQgN6A6PL415DQARICAQPYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=Dlkq81WhOuU&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:37:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6BB2 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 20:53:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 22:37:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 6BB2 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6BB2
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CVlIAxjkCZa2lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9DaozwGwGaS55KsE-g4EJ9BYpNjXYrHdBxb806k...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb7...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%221116328419291835565%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229684307829924590961%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"1116328419291835565","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"9684307829924590961"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:38:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"1116328419291835565","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"9684307829924590961"}&andc=true
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame 6BB2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 6BB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 6BB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BB2 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame 6BB2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 00:15:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:15 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 6BB2 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS_Bj2clIYNRMZzGjQ1TsGrqmWO7OHyucT2G9KlrhGnzx-Eu8dEwLvBtOsy6A&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
effd2fcad6c850f8a795002e4635fcb96c4ddc28737f41c8d5c931d33bc105e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 18:07:00 GMT
x-content-type-options
nosniff
age
361859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24348
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 01:26:47 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 18:07:00 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 6BB2 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQGSFnJLyvqhEZ38a4LgkJK-gBLbiKdpDH283davIJrESU5ucFyL8nj1n9oag&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
548eb8ba3d9a0c8060d3a664683c05dabfca2fe127b148bbe1a5e15710c1fd7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 14:22:34 GMT
x-content-type-options
nosniff
age
461725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27150
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 02:31:25 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 07 Sep 2024 14:22:34 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6BB2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMzno35dCud-qq3pVafGSKbvZQfsyHysbMQS5408HvWxeABig&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 11:45:25 GMT
x-content-type-options
nosniff
age
384754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18500
x-xss-protection
0
last-modified
Wed, 17 Apr 2019 09:55:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 11:45:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIV4_xjkCZa6lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9Ci_xV2nnjPvUveqA20zGNoK-YGhtzrh--CwYmL5QkIW7xGm_yyqr7YWrrwlYLM4AmZKYQWeyB2God-_m4lOJdxeTNDqJqoK2Cnyhbj3O7hb77Zvugs41yn-OaOGg3jFxQnvTax7Bbcu74TxK_hIs5KwiTQOML0015uyDaHN7GFyLWF2TAuXtB6FPK_YnGTgGoN0PrumglYj8nSoaMXWZeuMd8W72saQIdzN34uEh6uRken-uqIPoT5-f0ekBYPydpbELVf6_8ifLKJXO6xW7gxYKCR1mZ7dh8N_wiAcDHpQ_eVVlzOR3OVr39no2nfLCp3ufYNdcYzwwrb3_Xcw2hWv9ozckEvmo7usLO7DHWJH74wavs1g8ZN5G0kE8f0JiEjhdpNDoG0ZG4CsDeWlfIwes5ewsG7c8yBfbyMy1xF5ZGDpMAE1dLIl5UE4AQBiAXN8dmkRpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeSkMYJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEK_eD9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93d3cuYWxpYmFiYS5jb20vgAoDyAsB2gwQCgoQ8PSRgITmi8lHEgIBA9gTC9AVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=DrCz_7qxZVk&uach_m=[UACH]&ase=2&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&template_id=494&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:37:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame B911 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 20:58:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 22:37:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B911 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B911
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CIV4_xjkCZa6lEaO09fwPxNyGuAKj8Yn5cr_chq7dEMPmx5D4NhABINLMgRpgpdiTgJABoAHW77n2A8gBCeACAKgDAcgDywSqBMUCT9Ci_xV2nnjPvUveqA20zGNoK-YGhtzrh--CwYmL...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb7...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%227147018001218390677%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213535001571018700625%22}&andc=true
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"7147018001218390677","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"13535001571018700625"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:38:00 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2edde4f3904c1390000000000000000","2":"0x2cc33334daeb3f870000000000000000","3":"0xa832eb733f33b6430000000000000000","4":"0xf0d70dbf5d2c067c0000000000000000","5":"0xfa5dd99bfd52d56f0000000000000000"},"debug_key":"7147018001218390677","debug_reporting":true,"destination":"https://alibaba.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053718486"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"13535001571018700625"}&andc=true
access-control-allow-origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame B911 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B911 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame B911 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B911 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:37:59 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame B911 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 00:15:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:15 GMT
syncframe
gum.criteo.com/ Frame AB07 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:37:59 GMT
server
Kestrel
server-processing-duration-in-ticks
298667
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
shopping
encrypted-tbn1.gstatic.com/ Frame B911 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRc7DrewqJumkWQDWd1eYLWXEFTFN3ivqpaeMhGLBwRAbt7QGFPQhSE-d3_ROc&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
c08aeac368d957e1527a16613b794ec12eb868fb14c24b06033688529f48c4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 20:19:31 GMT
x-content-type-options
nosniff
age
353908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12658
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 11:03:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 20:19:31 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B911 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSAKi0tuqFALektY2Hy04OKQVoW0v93uJ5mCOL1Xu36yN0sQVAwP4uvbDTMRw&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
sffe /
Resource Hash
3d7a4c1f3001c103fe0498e091be41cbbd42715796be427ed307d53ad5c46233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 19:27:14 GMT
x-content-type-options
nosniff
age
529845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Sun, 24 Sep 2023 03:52:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 06 Sep 2024 19:27:14 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame B911 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQtTvDLjyecQnuM7E4ji_TkWZ7o4Y__whqTHPFH4__L_oMs9KE28-ua9E1ElQ&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
a45a9b5f85cf37148358c9c59f1a61fddd5626d493e20ab4074b27e1f614b88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 15:56:56 GMT
x-content-type-options
nosniff
age
110463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36094
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 03:43:02 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Sep 2024 15:56:56 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame B911 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMzno35dCud-qq3pVafGSKbvZQfsyHysbMQS5408HvWxeABig&usqp=CAI
Requested by
Host: a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
URL: https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 11:45:25 GMT
x-content-type-options
nosniff
age
384754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18500
x-xss-protection
0
last-modified
Wed, 17 Apr 2019 09:55:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 08 Sep 2024 11:45:25 GMT
truncated
/ Frame 6BB2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02910a6547b9ef3630d962cf444c00b14ab0725a02e1f565961b175ef35fdee1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B911 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b3e59d2b97a03848e6cc4e7af6dd19b20f97a4a7b3c157864fb09bac3cbad86

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 94CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db63e163735fd56abdd87ed52aa9bba9b7a1aec241b9b3679c6f4451fb04fe54

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 94CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKvtftpnS6Y0OhLeyNbn3MHswwEscLCpJTuXT3SDFjINApZfdJOrJrmXM2pQ4MisFPmiKnNtZyZDD8-d2FBppjfaUxtrhnK6g93if5t8Y6lgfYURaTMR00dmbROKJ13GAX4ekAcuTslnrPoc6ht13OK89vs7CJxFjTgHkAbRt_npmyHGxjc82RZdX7qJvI_DBp-YgvxT6fDXbacPteVNo8rGna6BKRHsBBa5r-9yDnxhQjE5ByASma7KcO7gGmCDf5QLmZCZg-SkEcRNYg_rBBIY5a4pwQm3Td4zgcw50daUPSCQGC4fQI7hiI_e7BIVL5frhYkxmgYAmIzXG2V3erVSrp6f9d&sai=AMfl-YQxuxeBLOqqjHXKn1gZM44-Yo1DlqsVL_ONbn27AoDkLeMjnngrDkE_e_SEGc-uLwRTmoEGthqdFi952OZFAitVDbTbPE9pC89QbQTgz_61MxwBLXAsIuQULSmgRE6zte_0QlSnxi7-4KkjoKeh&sig=Cg0ArKJSzGo5Z6QityT4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:37:59 GMT
truncated
/ Frame 4B27 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aafa0e373fa1ef982b2445694d9dfc118316a7ef017e73a4f3005569f4dcb892

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9CC9 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3a007704a5a30da7ba07c29485b9c8d076e802b203db0d899c90e52c762be69

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
capmapping.htm
cdn.holmesmind.com/js/ Frame A0FA 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
11
content-length
8743
content-type
text/html
date
Wed, 13 Sep 2023 22:37:49 GMT
etag
"13b071589ab65dddb11f1622d53b9385"
last-modified
Thu, 27 Jul 2023 03:11:36 GMT
server
AmazonS3
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
x-amz-cf-id
S0QZ7qrj64a2iUAI2U52-5OO1JMUYd8LDYviRSwT5M9CWTlXskBkeg==
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 732D 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Wed, 13 Sep 2023 22:37:07 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
59
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
SLM9Hs2Zxp5XHTaDiAdYdeu9ryonQ8TarWGnsxRLV4Pn-0mnUvmpYA==
capmapping.htm
cdn.holmesmind.com/js/ Frame FA9D 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
11
content-length
8743
content-type
text/html
date
Wed, 13 Sep 2023 22:37:49 GMT
etag
"13b071589ab65dddb11f1622d53b9385"
last-modified
Thu, 27 Jul 2023 03:11:36 GMT
server
AmazonS3
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
x-amz-cf-id
s2I_KHsxRYIq--ShI0QheEZNagWPIR-i6b4SLM2Z3TzyrkaKJ-pfTg==
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 236C 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Wed, 13 Sep 2023 22:37:07 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
59
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
VPPNfo65eiufJJLbN5geVohBT88XCElB5OK8TPj2hRWoE-LpS2uuKQ==
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6BB2 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:41:16 GMT
x-content-type-options
nosniff
age
179804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:41:16 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 549C 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:41:16 GMT
x-content-type-options
nosniff
age
179804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:41:16 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B911 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:41:16 GMT
x-content-type-options
nosniff
age
179804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Sep 2024 20:41:16 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 9B4C 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 079F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
/
cm.lndata.com/ Frame A0FA 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 13 Sep 2023 22:38:00 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 6F91 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.231.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-231-167.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 0CDE 		0
0
cm.js
fcm2.holmesmind.com/ Frame A0FA 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.95.87.91 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-87-91.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Sep 2023 22:38:00 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame A0FA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:37:59 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 13 Sep 2023 22:47:59 GMT
fp
cm-dev-poc.holmesmind.com/ Frame A0FA 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.231.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-231-167.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame A0FA
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Wed, 13 Sep 2023 22:38:01 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
prtct.php
stg.truvidplayer.com/v5.827/ Frame 41F3 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.827/prtct.php?val=f&geo=AU&timestamp=1694644680&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-18.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
server
nginx
via
1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
x-amz-cf-id
PegP_r32K_-jjpSF9fEa5NryVFijWN_gM2jqeR3eVTCwI0JSlUABQA==
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
/
cm.lndata.com/ Frame FA9D 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 13 Sep 2023 22:38:00 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame FA9D 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.231.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-231-167.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame FA9D
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 13 Sep 2023 22:38:01 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 0DEC 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.231.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-231-167.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 3DC2 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:02 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame FA9D 		409 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.95.87.91 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-87-91.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Sep 2023 22:38:00 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 732D 		1 KB
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.186.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-186-83.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 236C 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.186.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-186-83.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
63039c4912373687e04abf24fca02ada5059e1dc790b106d8c67a9731d5a2355

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
t.ssp.hinet.net/ Frame A0FA 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b81d13ed96ab027f7c9478ea04c59d37f202c828e310a5307d7da9870155d93c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%221116328419291835565%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229684307829924590961%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%227147018001218390677%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213535001571018700625%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2edde4f3904c1390000000000000000%22,%222%22:%220x2cc33334daeb3f870000000000000000%22,%223%22:%220xa832eb733f33b6430000000000000000%22,%224%22:%220xf0d70dbf5d2c067c0000000000000000%22,%225%22:%220xfa5dd99bfd52d56f0000000000000000%22},%22debug_key%22:%222685474578863752314%22,%22debug_reporting%22:true,%22destination%22:%22https://alibaba.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053718486%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229760589039714486753%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads.js
ad.holmesmind.com/adserver/ Frame 732D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FQz7Rv0&n=453&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=152-aLWJuARIHczMwAtz02te1uFTKNAxZGGQ&fp_uuid=0152-6b5a1edd7eb3d220d7f0a442936f6d5ee0f1dea873e53bbcde026cf5c9eb9bd5&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.186.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-186-83.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
62112ced3e18d71cadb684d5825bb832ec33f8676cac9e7c34c0ad0db7ada25d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 732D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Wed, 13 Sep 2023 22:37:45 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
18
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
lMOKLBmehj-GbAUqo3frxrD_3eGh3ubDepTyY5fP4XE1hYVXHE8TQw==
publishertag.js
static.criteo.net/js/ld/ Frame 732D 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-1ffad"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Sep 2023 22:38:00 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 732D 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Wed, 13 Sep 2023 22:37:48 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
13
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
ypJjq6AfWL7Zuu-oSeJ4ljAQfFrI_Mo09wa6JYsUzXNLCtoXgREkIA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 732D 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
QDDkZ0Y9wB3QqsNSDoyIsF7zIuG1Itaj
date
Wed, 13 Sep 2023 22:37:48 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:24 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
13
x-amz-server-side-encryption
AES256
etag
"990b529c50a92c18cd5337f5f2a1d611"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4532
x-amz-cf-id
725xbGhRqOAW907JAq0-KTYCmZcli5BYh-68HX7zRijULNU24wWIaw==
appierV2.js
cdn.holmesmind.com/js/ Frame 732D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Wed, 13 Sep 2023 22:37:13 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
54
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
ggYI2X9ZFJ649UN9dcZq2EVdWpqCtyFWQJN-FUL-G8B8oiwBsqrz4w==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 732D 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Wed, 13 Sep 2023 22:37:29 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
32
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
FptTlfWV1Z7mTqAo37TAS2F6h6Xi6Xb3SAFTCgXuCIc6q3pcVuFTag==
ads.js
ad.holmesmind.com/adserver/ Frame 236C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FQz7Rv0&n=767&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=152-aLWJuARIHczMwAtz02te1uFTKNAxZGGQ&fp_uuid=0152-6b5a1edd7eb3d220d7f0a442936f6d5ee0f1dea873e53bbcde026cf5c9eb9bd5&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.186.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-186-83.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3ee8f06eef7474a1f84fc4d84e3460755022c4d890275847f363982a3beab8b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 236C 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date
Wed, 13 Sep 2023 22:37:29 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 09:16:38 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
32
x-amz-server-side-encryption
AES256
etag
"f06a16ff0c73f1550fb80377786b8f06"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6065
x-amz-cf-id
RWLtffo-FjIShvuAPwIYeST2Eds4gu8Mx8igNdNgLWaqzGic0jeg_w==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 732D 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 732D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5791452193869828
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
0bf7494826dca4943f79a274b6da4d3fea48063ff6f03e931cb62e16eadfe84c

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 13 Sep 2023 22:38:00 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 732D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=MJZHirCoARejLUH7yDkCZQ
2 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=MJZHirCoARejLUH7yDkCZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 13 Sep 2023 22:38:00 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=MJZHirCoARejLUH7yDkCZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 732D
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6KtNIYRKDHC4tBbcyDkCZQ
2 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=6KtNIYRKDHC4tBbcyDkCZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 13 Sep 2023 22:38:00 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=6KtNIYRKDHC4tBbcyDkCZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 236C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Jp1iD6wqDm6Pws0ByDkCZQ
2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Jp1iD6wqDm6Pws0ByDkCZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 13 Sep 2023 22:38:00 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Jp1iD6wqDm6Pws0ByDkCZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 236C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=O0RysTGPC-2-9UVJyDkCZQ
2 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=O0RysTGPC-2-9UVJyDkCZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Wed, 13 Sep 2023 22:38:00 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=O0RysTGPC-2-9UVJyDkCZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
fbevents.js
connect.facebook.net/en_US/ Frame A0FA 		193 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
1e67ae65bdc6df3d474fb6c5636258e6d130fb30a3b526578c7c12188c1e6b6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Sep 2023 22:38:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52125
x-xss-protection
0
pragma
public
x-fb-debug
AWQHg5l9h1jMGwLHoD8KGPpc9LqD4YrRrkTAM9vYgexHXidBPGb/c8Wo/BssD6zwkB2AQG+mefGUH7gCj6Rh9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame FA9D 		193 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
1e67ae65bdc6df3d474fb6c5636258e6d130fb30a3b526578c7c12188c1e6b6f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Sep 2023 22:38:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52125
x-xss-protection
0
pragma
public
x-fb-debug
AWQHg5l9h1jMGwLHoD8KGPpc9LqD4YrRrkTAM9vYgexHXidBPGb/c8Wo/BssD6zwkB2AQG+mefGUH7gCj6Rh9Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 8B91 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
utag.js
t.ssp.hinet.net/ Frame 732D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 13 Sep 2023 22:48:00 GMT
utag.js
t.ssp.hinet.net/ Frame 236C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Wed, 13 Sep 2023 22:48:00 GMT
json
gum.criteo.com/sid/ Frame AB07 		441 B
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d1734ee2b4f1de1b2acfe90034bcee1d7f3b720aa1a8b0827de898fa3723313b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1511580
expires
0
drawV2.js
cdn.holmesmind.com/js/ Frame 732D 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FQz7Rv0&n=453&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=152-aLWJuARIHczMwAtz02te1uFTKNAxZGGQ&fp_uuid=0152-6b5a1edd7eb3d220d7f0a442936f6d5ee0f1dea873e53bbcde026cf5c9eb9bd5&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date
Wed, 13 Sep 2023 22:37:29 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
31
x-amz-server-side-encryption
AES256
etag
"5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8980
x-amz-cf-id
DQVwZZXRusMX0TdN7jfN1Arl9jkQA_ttDjyhVK12pSEG1dWNAYVHvQ==
drawV2.js
cdn.holmesmind.com/js/ Frame 236C 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FQz7Rv0&n=767&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=152-aLWJuARIHczMwAtz02te1uFTKNAxZGGQ&fp_uuid=0152-6b5a1edd7eb3d220d7f0a442936f6d5ee0f1dea873e53bbcde026cf5c9eb9bd5&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id
O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date
Wed, 13 Sep 2023 22:37:29 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
31
x-amz-server-side-encryption
AES256
etag
"5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8980
x-amz-cf-id
NetrJ-6IVkXKOUhcVNZ4ofPC7weGVeYfyDSi7PyUhncpDIxsfSrEWQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 94CD 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssT-HkV0arJyeWv7DAEVUf5q8J0O-2HUFlFPTyw_WEXzhxO6hnXnfk-RX-TFmI4VVUnAMz0EzSdVJK1nwhF7vJVjnBkDCKcRGcqEjv-fKVjzEWlwDuuWQeK50S2QXr4&sig=Cg0ArKJSzN7WV36CK0ysEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644678661&rpt=809&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ Frame 732D 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=141&profileId=184&cb=28496082135
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
/
t.ssp.hinet.net/ Frame 732D 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b81d13ed96ab027f7c9478ea04c59d37f202c828e310a5307d7da9870155d93c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:00 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 6BB2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst795mGg-9LIDsUp9WD1aEEJ-MEpfNmf5ZZx-20GHrBox2WPOCPP6sDQHiXMXWxhADbL7cGsK7UCJS5SNECQ7eesKMdqwJJn0smOPxOJLmCFF1eOR7EjUHboahYAqUmMTo-xaChRiJonQ&sai=AMfl-YQaSVmBIw5FlICyfeMjUM54EKbUv0tYl9pHeyCo9VodWvbxRVf4-FtMz7yVS3kBiuOSRrSJOzpqXrEDqe4X6cBlizo5B4NAj7Znt2NwKLEkbnnG5up6ChIUJb43n6LNPUs7hsBed8f1TiWB&sig=Cg0ArKJSzIOxu3x25jFwEAE&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&id=lidar2&mcvt=1000&p=108,1030,358,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644679216&rpt=519&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 549C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslE76GPSSK1P66-6XI7C5xdL7a1_hNAj_ryEqiJychlW6gFMAuSkn_dcFKerIWDqXFdcQfFoRnAfyNkaQGJTf5cip_GoyH4rAMIKXG6vKC7RCX_VDeqv1pCSFGbCrWzhiRnmqT1M2MwQ&sai=AMfl-YTdGvYCx46IeGpE9Iu8MI-kiYs1w1FTZ1lT43tbPx5nAt0JSSX5pB_H-2kvXonhPssUbXbVFannsnX7FwxqTPgPSGhFK7GGHvCxLUwCm1rOI99b_TRJwHyyCQS7lhxAUz233pzHPtmzPWkU&sig=Cg0ArKJSzESespxdJNCKEAE&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&id=lidar2&mcvt=1006&p=548,315,638,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644679128&rpt=618&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5083 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
144ea412f47f412585e014309750002d7398c73b8dc933b490448b92462613aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29286
x-xss-protection
0
server
cafe
etag
301 / 19613 / 31077786 / config-hash: 14807541374439129751
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:38:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6F8C 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
0e4824da4fe7179b4f6f6b3fe3f322792c501725f452865ba53b620262516a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29254
x-xss-protection
0
server
cafe
etag
270 / 19613 / 31077785 / config-hash: 14807541374439129751
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:38:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B911 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubLC7GO-B59Jpff2ZVTQjSPt__Bb2JtCpvzJnr2akZ1Hd69kGpE17X9qUCE6Iao97D1_zZJG8PDiVsvv0DPBPRv5ovWK_WFUIVaiZMsyR5msSCzFhYicaWNqRSVGkGr8klKlYxRGUaNA&sai=AMfl-YTui_HPOQMY_ykvCacp4CZh47cKbMYqVw8Oyx0aEZLByqoqcIRIuij7R8ZZIDCoexTpsC76ztoPtKnFtFFGDqcIrNmPGKraTD9CS8TZzVVFRHXI2LEZIJD6oE1hLTwTZrgd4ct5rFpWQ6IP&sig=Cg0ArKJSzJf-rhA_gCILEAE&cid=CAQSSwBpAlJW4rvqCkH197sZKBOJlEOwyE1CMQKFWJROUFEDrMuXHu0riC9M5klRfjnCH-7zlvXuVzzoqDu9umqAr-bNyL-YQo0Ve97rMhgB&id=lidar2&mcvt=1000&p=108,270,358,570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644679244&rpt=980&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/ Frame 5083 		408 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 10:37:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
43260
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131712
x-xss-protection
0
server
cafe
etag
7905716078372049509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Sep 2024 10:37:01 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5083 		124 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1211786465246&correlator=2124315120383666&eid=31077786%2C31077189&output=ldjh&gdfp_req=1&vrg=202309110101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D218df0ac5721e62b%3AT%3D1694644678%3ART%3D1694644678%3AS%3DALNI_MZMvlN351_ODXoUowbrUmfT-HbQFA&gpic=UID%3D00000c44aea0d5ac%3AT%3D1694644678%3ART%3D1694644678%3AS%3DALNI_MYESTAAGZSuSh3QMAAjn3wz51zxFA&abxe=1&dt=1694644681342&lmt=1694615881&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=16nh5r8315qf&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2FQz7Rv0&ref=https%3A%2F%2Freurl.cc%2FQz7Rv0&top=https%3A%2F%2Freurl.cc%2FQz7Rv0&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1598782723.1694644678&ga_sid=1694644681&ga_hid=2078570823&ga_fc=true&dlt=1694644681049&idt=275&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
d67deefc0fca4e854e1467fa830d59d3d4d0b0b906c7253adcb64e5f9ea2aeac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40438
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5083 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2c8536c5c09790f5d9749eb0e53d8c1004e2b2cdb2aebb8c83516f91e7516de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11867
x-xss-protection
0
container.html
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7963 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:38:01 GMT
expires
Thu, 12 Sep 2024 22:38:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/ Frame 6F8C 		407 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
cdfaa72b458fb25ea103ecf2d40e5e253f76bda53575d8ff1fa3cc74be9188d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 10:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43231
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131482
x-xss-protection
0
server
cafe
etag
16108570608941028100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Sep 2024 10:37:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5083 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 22:38:01 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6F8C 		57 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1820490842532225&correlator=3261942656490748&eid=31077785%2C31077189&output=ldjh&gdfp_req=1&vrg=202309070101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D218df0ac5721e62b%3AT%3D1694644678%3ART%3D1694644678%3AS%3DALNI_MZMvlN351_ODXoUowbrUmfT-HbQFA&gpic=UID%3D00000c44aea0d5ac%3AT%3D1694644678%3ART%3D1694644678%3AS%3DALNI_MYESTAAGZSuSh3QMAAjn3wz51zxFA&abxe=1&dt=1694644681520&lmt=1694615881&adxs=640&adys=358&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=o0j7i9okljn2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Freurl.cc%2FQz7Rv0&ref=https%3A%2F%2Freurl.cc%2FQz7Rv0&top=https%3A%2F%2Freurl.cc%2FQz7Rv0&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1598782723.1694644678&ga_sid=1694644682&ga_hid=1670148038&ga_fc=true&dlt=1694644681075&idt=426&adks=1212019568&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
a0bb429ef51f6c9f599acd5f6670643ad1987c6680f43336340fa9d4c2bfacb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13544
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6F8C 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
89bc86664fd5cf87cddec202aa1bf52f668344d436315aaefbcfb955a75f8c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11774
x-xss-protection
0
container.html
23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 182E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:38:01 GMT
expires
Thu, 12 Sep 2024 22:38:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 13D5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
78443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 00:50:38 GMT
expires
Thu, 12 Sep 2024 00:50:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1DB5 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
GSE /
Resource Hash
2bdd77031c12622ed4aeefa12872eb47d5bd1b1bf962c01ab1632ddd6f1a6a7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JMFjqTDlbmO4jXiHFgNWXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-JMFjqTDlbmO4jXiHFgNWXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:38:01 GMT
expires
Wed, 13 Sep 2023 22:38:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 13D5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
events
bidder.criteo.com/csm/ Frame 732D 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Wed, 13 Sep 2023 22:38:01 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 732D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 07 Sep 2024 22:38:01 GMT
pixel.gif
static.criteo.net/images/ Frame 732D 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 07 Sep 2024 22:38:01 GMT
generate_204
tpc.googlesyndication.com/ Frame 13D5 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1QD3jA
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309110101&jk=1211786465246&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6F8C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 22:38:01 GMT
container.html
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDFB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js?cb=31077786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:38:01 GMT
expires
Thu, 12 Sep 2024 22:38:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8-OzyTkCZe6zGq-B9fwP88ytsA7WlJGrcYKl--OLDP_Ror3AARABINLMgRpgpdiTgJABoAGwuqHXA8gBCakCKtx0aBMBsj7gAgCoAwHIA8sEqgS-Ak_QVBPIPk86lMHt_Rfd3Lwplr8ZKk4s23SdbPviLKqkIkPU9meM1nm6RpnI9E5qcZ-qLyofKcZHvGacb_3qUeK3sIwKMOfF6EYnHm3By-cz0LfhZkuylOKNqEsd_fD2rJYCmX3TA1UiAq8ns8t2xb9kafUif6hqWAJh6b7lMhX-Weg8VjVsFBs8TA1KyebMN2Gk0ysp4U7BoCyWGE9sGJ4OhKuEzO0JmTb6EYUp7MA27knZDeMqgd01sDFJlAa38fa34doQvUzOIWSw1atUAxT7NtsEdF48A_TJI1drX7yT0irbD7lpLc3EaZQ4T_E0azvDpTgku04kb_ETUn7Qs-wblZIuLePAg78b2rAS4Md7asjxg9dIfq763oAbvb6AbUtJZ5fzdS_Lns5znZlD0LitHmRSdonEmg1PgEtXNcAEvd_TuqMD4AQBiAW6y5mWK5IFBAgEGAGSBQQIBRgEoAYugAfK2ptlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOCbDtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mglAaHR0cHM6Ly93d3cua2F5YWsuY29tLmF1L3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZW4uaHRtbIAKA8gLAaIMDCoKCgjktLEC7rWxAtoMEAoKEJCVydby7Jq5CRICAQPYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=Bu76rNeu2Dk&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWUCJj8hjsBvZ0Xu6ScUhlqYTjSwQcxbBzkHKKvPgxrhPHuXWbfrwIRaEjFolojFHkp80xX4vOGAE&template_id=494&nis=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame EDFB 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 22:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 20:52:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 22:38:02 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame EDFB
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C8-OzyTkCZe6zGq-B9fwP88ytsA7WlJGrcYKl--OLDP_Ror3AARABINLMgRpgpdiTgJABoAGwuqHXA8gBCakCKtx0aBMBsj7gAgCoAwHIA8sEqgS-Ak_QVBPIPk86lMHt_Rfd3Lwplr8Z...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb0ae2bfeaa4f68a0000000000000000%22,%222%22:%220x2ce036c6a37d3310000000000000000%22,%223%22:%220x352650b2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb0ae2bfeaa4f68a0000000000000000%22,%222%22:%220x2ce036c6a37d3310000000000000000%22,%223%22:%220x352650b29767329b0000000000000000%22,%224%22:%220x303ad3662a978d850000000000000000%22,%225%22:%220x8c2308b0460ebf2e0000000000000000%22},%22debug_key%22:%223806709610108942994%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224888067813414182913%22}&andc=true
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xb0ae2bfeaa4f68a0000000000000000","2":"0x2ce036c6a37d3310000000000000000","3":"0x352650b29767329b0000000000000000","4":"0x303ad3662a978d850000000000000000","5":"0x8c2308b0460ebf2e0000000000000000"},"debug_key":"3806709610108942994","debug_reporting":true,"destination":"https://kayak.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"4888067813414182913"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:38:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 13 Sep 2023 22:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb0ae2bfeaa4f68a0000000000000000","2":"0x2ce036c6a37d3310000000000000000","3":"0x352650b29767329b0000000000000000","4":"0x303ad3662a978d850000000000000000","5":"0x8c2308b0460ebf2e0000000000000000"},"debug_key":"3806709610108942994","debug_reporting":true,"destination":"https://kayak.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["09-13"],"6":["true"]},"priority":"500","source_event_id":"4888067813414182913"}&andc=true
access-control-allow-origin
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame EDFB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame EDFB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A8C8 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
63268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 05:03:34 GMT
etag
48472445140208031
expires
Thu, 14 Sep 2023 05:03:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame EDFB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Sep 2023 19:24:20 GMT
l
www.google.com/ads/measurement/ Frame EDFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9gKbzRRAMIKA5C7-bZ-RSMr2ONNii-HVA8CtNAmaXj36qIml7tn6xb8fAcNX80qeCPjQX1XDVj6pq7XXtFMFuFqNwdw
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDFB 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 22:38:02 GMT
1c0c92110fea9bdf1302b7cf16d857ac.js
www.gstatic.com/mysidia/ Frame EDFB 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c0c92110fea9bdf1302b7cf16d857ac.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15112
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 00:15:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A57B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
78444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 00:50:38 GMT
expires
Thu, 12 Sep 2024 00:50:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2C13 		829 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
GSE /
Resource Hash
3c0541cead57de4050976bdcf7f984b3aa006452950f18b2b9eae0d4a4b96904
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J8-x4YUdLFDyHToGtNPt0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-J8-x4YUdLFDyHToGtNPt0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 22:38:02 GMT
expires
Wed, 13 Sep 2023 22:38:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame 2570 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:11:14 GMT
age
91608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:11:14 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 2570 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:11:14 GMT
age
91608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:11:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 2570 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:11:14 GMT
age
91608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:11:14 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 2570 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:11:14 GMT
age
91608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:11:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 2570 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:11:14 GMT
age
91608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:11:14 GMT
css
fonts.googleapis.com/ Frame 2570 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309070101/pubads_impl.js?cb=31077785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.74 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f10.1e100.net
Software
ESF /
Resource Hash
490a86743b3f4d20c7de11326b8bc265bddaa87a4202c74ef7aef9e2a39481bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 22:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:15:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 22:38:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2570 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:04:53 GMT
x-content-type-options
nosniff
server
cafe
age
12789
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Thu, 14 Sep 2023 19:04:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2570 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 07:00:24 GMT
x-content-type-options
nosniff
server
cafe
age
56258
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 14 Sep 2023 07:00:24 GMT
truncated
/ Frame EDFB 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/svg+xml
562616355818907787
tpc.googlesyndication.com/simgad/ Frame EDFB
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr6bKiUhCACBiACDIIJYu_i1lmA0E
  • https://tpc.googlesyndication.com/simgad/562616355818907787
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/562616355818907787
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 17:19:51 GMT
x-content-type-options
nosniff
age
364691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 12:51:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Sep 2024 17:19:51 GMT

Redirect headers

date
Wed, 13 Sep 2023 01:28:46 GMT
x-content-type-options
nosniff
server
cafe
age
76156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/562616355818907787
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 13 Oct 2023 01:28:46 GMT
truncated
/ Frame 2570 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b09d35b36f731fd86c9e191c36f48b55ee878ca4f2f7bb727261257352d8798

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame A8C8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdms...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8063e0d2eb9da95b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
79
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFdN5sfXMuOiYqYylM4O8Oo&google_cver=1&google_push=AXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS2c4E37KLc72QNBNkr-YDaCc9LSxwXvYzAPilvO9p7beSb0wDTMo9LSxmksuzd7CB8CnJ__JvRUQWhapp9n0ZM6gCFdmsVw4D3NADhXLjfEHVHXIVDDQDhkLJTT7dAJuPbeyz85E6v%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8063e0d1ca69a95b-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8C8
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEJ7U_ShT1Y6IeOnz2Vc354&google_cver=1&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFV...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFVXO0CJi6mMguljujlOS7zqv_keaUJ9BXB2V01b4mAt1UlekAt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFVXO0CJi6mMguljujlOS7zqv_keaUJ9BXB2V01b4mAt1UlekAtBQhlZsKsgi2u1X-w&google_hm=Qld3TGlYZVJuVFM2Q2RialM2M3VLaHZDbHpz&from_google=pc1
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 22:38:02 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTHUy75jLNiWdeue7TN9cskVfrlgX6tyT_FXxr8wRiUV6I-LdB0a82DWdHtUpcwKRgZMUqkOl-CFVXO0CJi6mMguljujlOS7zqv_keaUJ9BXB2V01b4mAt1UlekAtBQhlZsKsgi2u1X-w&google_hm=Qld3TGlYZVJuVFM2Q2RialM2M3VLaHZDbHpz&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame A8C8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tb...
  • https://sync.targeting.unrulymedia.com/csync/RX-925e8914-b45f-4f06-ac03-295ed6e0c661-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSLwm_iqH2ixwW7_KAVe...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf&google_hm=BJJeiRS0X08GrAMpXtbgxmE
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSLwm_iqH2ixwW7_KAVeE97vkvFaVq-UcNSgpr0zVX4_rO8gMqBbwKtkijrBfQMrGxybfqk1BKrgFbEucrirSzXy_B6mnUdp56Y8cPGoxGgCNZejYJi1nuup5Gz4tbv08Jx3vniLtuf&google_hm=BJJeiRS0X08GrAMpXtbgxmE
date
Wed, 13 Sep 2023 22:38:03 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX925e8914b45f4f06ac03295ed6e0c661004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame A8C8
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEJBg-CrpDRFpgjpd3c7qmNQ&google_cver=1&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRf...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRfnAf3hHPfCxw-JfkZsUQXXL1X-sJ83...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRfnAf3hHPfCxw-JfkZsUQXXL1X-sJ83DLpeS02E8t9tPwkA&google_hm=23dc696e583e10ca72a1fc35fea6112e
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmSgl9VWHX6LF1rQTK8diYZAWUiIFgdc4p0UCVKxdIgBIEgFbluCGm8U3uSjSGkZGlcV9g9pxd8Sg6De3CZK6lYsJafRXTGRfnAf3hHPfCxw-JfkZsUQXXL1X-sJ83DLpeS02E8t9tPwkA&google_hm=23dc696e583e10ca72a1fc35fea6112e
date
Wed, 13 Sep 2023 22:38:02 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame A8C8
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS0bcoPF19KurO4S2mlMeHTuJCvAYW8rY5UYtJwiXk35yxWycI1zBhtJhOL03SVS0u7nq9zD_sdhMhvaItM0DJjj9IxUaZeeIDmwaReTCEaRnHhQCm1zStwkV2cj...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHgeTBYoR3T5CHq3oWWZux8&google_hm=T1BVMDJhMjNiOTlkMWE4NDFmZTg5MzBlMmEwZGRmNmYyOTU&google_nid=opera_norway_as&google_push=AXcoOmS0bcoP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHgeTBYoR3T5CHq3oWWZux8&google_hm=T1BVMDJhMjNiOTlkMWE4NDFmZTg5MzBlMmEwZGRmNmYyOTU&google_nid=opera_norway_as&google_push=AXcoOmS0bcoPF19KurO4S2mlMeHTuJCvAYW8rY5UYtJwiXk35yxWycI1zBhtJhOL03SVS0u7nq9zD_sdhMhvaItM0DJjj9IxUaZeeIDmwaReTCEaRnHhQCm1zStwkV2cjZpt4awLKINs8HvWl-4
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:02 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHgeTBYoR3T5CHq3oWWZux8&google_hm=T1BVMDJhMjNiOTlkMWE4NDFmZTg5MzBlMmEwZGRmNmYyOTU&google_nid=opera_norway_as&google_push=AXcoOmS0bcoPF19KurO4S2mlMeHTuJCvAYW8rY5UYtJwiXk35yxWycI1zBhtJhOL03SVS0u7nq9zD_sdhMhvaItM0DJjj9IxUaZeeIDmwaReTCEaRnHhQCm1zStwkV2cjZpt4awLKINs8HvWl-4
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
371
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8C8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEJXB-SxMnSTq9A1YrmEnLno&google_cver=1&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEJXB-SxMnSTq9A1YrmEnLno&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZnpxkoqY75-XwnxWEezQ8g&google_hm=c2M0M0d0aWszZUY3ZVI2R1pFUDk=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Sep 2023 22:38:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTMajdT9547wEFS7y-WEUrP_Q8h5DRwI61EZ6hN3iVlmeHEcWrds3MrvQ-MYNEbkerm_SCQ0oCvh6T-Utd0HnzsZGQ8moIt1MJ00_oNSeU3P-cf-cR4yCMzIZnpxkoqY75-XwnxWEezQ8g&google_hm=c2M0M0d0aWszZUY3ZVI2R1pFUDk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
287
Expires
Thu, 01 Dec 1994 16:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame A8C8 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEaL7MkOeICBQ4CXYudASMw&google_cver=1&google_push=AXcoOmSY3I16RzKgHfOfEYNR8YVbh0ts2lsVuYthiBqqigIHZgTnTuNP2zFR4pBp9Nx14w7U-q6p7PZEOpt5JSh8Nog0Mfi68h3T9h_vuRcemxVjkpXKUvqzq0IdlkGng7Kfokum7oinB7A9DqY
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date
Wed, 13 Sep 2023 22:38:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame A8C8 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IH6ew2E11B15L6bIESL1RSf8AsTxxSLhzwIDiZuwllmfq9atC2gZ-s4xKrZBt4w-x5GkGdVPz8
Requested by
Host: 9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
URL: https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame A57B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EDFB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 21:53:57 GMT
x-content-type-options
nosniff
age
434645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 21:53:57 GMT
truncated
/ Frame EDFB 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52575c1ba0fd061033e856c5673a7a09c535a614205c31e06818d3eef998b953

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C13 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309070101&jk=1820490842532225&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A57B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?P7qsiQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2570 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 21:53:57 GMT
x-content-type-options
nosniff
age
434645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 21:53:57 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2570 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 21:50:49 GMT
x-content-type-options
nosniff
age
434833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 21:50:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5083 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309110101&jk=1211786465246&bg=!Y2ClYC_NAAa6D61Rmg87ADQBe5WfOOPOzRjpt41FRmsYv74hIYRSUajiY06G6lxdO1FOPTKZ08pbBvAKe6us94JTNLSEAgAAAEhSAAAABWgBBwoAfFj5hOppeXQxPtIYQ3c1Ue02YXhoqV0Lq21Dw5V6qKYqrKTsMHdxGuMlKxJSYoQse6rpz42DHM9fVMErO_Q2i09qZm8wHLKboYWmAljyk42MjuPx2ajZk5NevbXpdO6y2ckHUA1yDJv9FbcGUmERaiI8ddSx1UM2WCcm2xeZAuusV8QvU_KCMTjKdpthx-PSvAe4ZTwa4KO58nTSYscXygNXH9QMN6pmdIqJUWOohKQO7Y3nFJUOeOlWlUHvGRgJc0u55LUzjuxDlLFn6SAk-tPKBR9iBcP98qHtPNGylzkDrHQz7b2VNNJX051QJBgCPN06C4yTai5z3g2WvURBp6ghteLsgNEIECj1UNC5lA5enTz9fwJBgGHpJIdZozf95-VfVNuUWn6CCfnDCL_bfkhHopCrOxba1hgGzSKeFm4VueuPKzufVDA-V_dQTutj5zGxImwWauuszLoVtqTV86Okc0AZdlen8GGVg8G8q9JkChkUvYcyAfvR3HUJ1EuTR54VnPa48HKP9XaZdm_zsAhFKP2EquZ7cUPTI2WsCwmvDwVL0MlEFYbJchxNJmLiWc-3okYlpcxe-zV-CXAAG_s5BH0f7C3OjAw_Xvt6-mBqE6AYI_T6p5F7qDn6VPy9m17ZNe2Q3vPxiQwilYLDAU4CI_yuUZR4lkP7f4Q_Vbt5rbSp0FyJb-PbcEwBuGQf6FwVjRPnvxs1lHw-VnWAlTNC-0_A4w18xEnxW4kSIt6fp8b3NPspQSaip2uDoXykG_YagTTnoumjO5R-2rkir6zVm329GOL3NFPRoqhVp8l496fXm5i6nr9L-YzNfRsOHZdTF4epMICNBMb6ZofGVmWE47ts5bnqlt0uM8Wa4DHTyyDyWVBxVMq1LvrDA-rpVSiA9u_MVMpGkVDiEkf51KrFeBxPHfjcg5J5R1qeWXsyMWFbBlUvXIxhaHgI-aGHWJKa2wePgdo60MzwlNzLy5hqbmdTNaG1J8HunaWSIjdn_-_hyGOL-bVZRfIcq1nG1E_EyTyvH0Wzw0vwMRzY2oCLoWTqyVo3WezDlGmki3nbH2-fn7zGBDcOSx-vAPeMcR2bUEII_xuW_O1IFG7aTtlBBcJaSwwJWhnJ_VeyovVgeBK_V8GL-WMsh-X0DJIfSBXsyWDIV-aHQ0Q
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb0ae2bfeaa4f68a0000000000000000%22,%222%22:%220x2ce036c6a37d3310000000000000000%22,%223%22:%220x352650b29767329b0000000000000000%22,%224%22:%220x303ad3662a978d850000000000000000%22,%225%22:%220x8c2308b0460ebf2e0000000000000000%22},%22debug_key%22:%223806709610108942994%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2209-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224888067813414182913%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 22:38:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 0C0E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 03:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
413996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 03:38:06 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2570
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Redirect headers

date
Wed, 13 Sep 2023 22:38:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2570 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:04:53 GMT
x-content-type-options
nosniff
server
cafe
age
12789
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Thu, 14 Sep 2023 19:04:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2570 		344 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 07:00:24 GMT
x-content-type-options
nosniff
server
cafe
age
56258
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 14 Sep 2023 07:00:24 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2570 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAAjJyTkCZafNJa239fwPu7O2yAm2ieCccse95uTcEdLh0uCyARABINLMgRpgpdiTgJABoAH704WKKsgBAakCvUVqqX-KpT7gAgCoAwHIAwqqBMkCT9AuPsFxomSa2lUfFFKZ9FipFwbwlp4luS736aiHelwNi3DwCX96IRn1AB8DImc_ALFfzF-zFpZBtX7RBuHf863q6WreozKf6iveYqGLLHbBWnB3sbQLb0AMRZJYTfqscBxLUQPFKhZSP1-DRfPzVqT9zA_-m3D_qZAO2lES4BKT9m3H-xbJMJrRUHTuCRmyr4ivRxzvfwYBRNVkKJmtHtMrt1yypX5IF9UYQSIqA-yNeBRzA4nTvQWBQNen_2uzYzMZ2qYIHqXq1CqOdclfERyxfIzb7Hk1LDI6wb4CT66aHGCJ8vePatiwDRPjhHIk3Ak_dZHWdqQqnffw4fX8opHq-or29qIkqhPZccoR8x97LR5hBPtokyq3_DL9oik2gN6ZFbIfYKd8Q17pbb_BcgNDMgGfgLwq61ta0hyeAWvATSdI7XMlhPjABOLho6TCBOAEAYgFpd3tj0ySBQQIBBgBkgUECAUYBIAH-4vW6QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCuZdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkeaHR0cHM6Ly93d3cud2JhZHZpc2Vycy5jb20uYXUvgAoDyAsB2gwQCgoQkIHt7OGe3882EgIBA9gTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=z7pQ6T4Ccj8&uach_m=[]&ase=2&cid=CAQSOwBpAlJW63PWcz_jQJ-42t7ZUogQsiq0Ct7_kwvxIEVgOL-CGPyKLJPxWhRP9V4EUOkcREcdX93bDOuQGAE&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6F8C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309070101&jk=1820490842532225&bg=!NTalNnnNAAa6D61Rmg87ADQBe5WfOLN9LqwCmkQpmTUXCj1nG4oXqr1Z4OW3OwjQhcdDqYUGglSDSunNlN-4LI-JKt4bAgAAAFpSAAAABGgBB5kC7aQ_5CHHXbwh04tJcFtPsEokhRUsZkvlsBhvuDXuSRvSVcBsIzfXzBg_NrHShq8PRwaL_r34NGPk5MhVFnPWnM3POEe0-wz9VnMSH3hhiDT_jZR-6MXkAINUVxj-aA1exwF4BDhA3Tbq6XZP6LubpwuccOM1y2Oheu5-FU0lJuGn_26mke1qw_v6yxvxx4UpvcSaf7f9QMWv0XDnueG_62TAjFU7G5JcAv3hziDNmj8J5E97Xob8W5o8T0hzK3XQ8HFCGgu0tk8nb_jcPM1agUyT3AfgZHZlXZkuJBznYEny-6CWHks83Nu8rUXWdFulxga32WRAG0XBfMfTIH9Q0JRT5uAO2dESKs4a-bSu8yDANY9Frpa-kfW9zpmsNHoYjtAr1xuQferNaIQmOjbPoBfRVqLjv2hsk0ulWugK9rlqiMftz5CeJ20pcqzSXuz8LIS1fL2eyixFxnsxTyqiQaAFhNtkQTHBjFamB2Tu8dCo4pblel9DbSYVPfsgehUTD4G0XxsHMXEBqXrsP9W8LaojOo00dG8CpK-Zm_Ifu7JQz_MkPdk3IVOfOrf3uTiKnUIjSjSjqWA0EIPLuN5d8ZNklVJwjX4ta3zjWb_TNraoWlaN57xE1dR67Wi0nc1AMvE2-JcZENZnthZapdr4sttKwDWaY9XF3HoY9bMibeK8OPwwre4TW72Pn-am1SKfU8OLFcfRhp8KqdcZLzpI0hMSQfxB3ybsSYVlgLwH_p2sRHVjeHXTRv145u2YG_-QcCuipFxI6N5KZdKANkYwlq05OEwHwYpUUk7kNYn7zbuEE4xlhEGgilHKprkkIW0QdYcIN53fxsEpLnSMs4GH3tY_Eo2ggyYW5lAoL1LY7NGVywFjsBJByvnVa-2jN4iCqOEVluz96MYUlPrzvTMKSUxnRP0e-Uz9WHdg2PiyTvx2X5Mnd0figkf9z3clkUIOIHcraHySGW1iS6DzxYrzhdMzYVpZ8yGCTo7GTNB0
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 4B27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjSxhbKqxeiVUwltOkOQkf9d1rbDcfs7w5UOG4n83zCDL5RnAlWSSzb-ddWJEL__8iJ-K1RMrdAXFoD_dbs1QnPS3JnPRLf3tYVEtEOvqjY1UHIs34fFKkQJoeHmAZJLfOJ1oaoNCVKqDhQtBdrd9m9-dHpCrRvxiuS7Cjvr8suYr7pAnxd_VZc6amatMQ6U5LnJFtu-wtik5D2B6hdvyEsIYBep6MxFhxTcTkmegS0u5toCnoF2gsYbdFPRtRaHq6PKiTelAEVlrTfMhCprIglD_48xrHrnmtfZJyjA55uV3skbVQW5vm_3fLjOBoH_RTh-1KUqdlowLzlv4BL6Rl7JJcY4olORjdnw&sai=AMfl-YS7Ly4lympE0RYOiwFqeB0VrkMP-pImjMVie-pcax-BbG_72RggYSR0JuBF9fAgfzy8xBc8TvJMpI6VpQ_aB5As-xs2sm0hIIzH4wrY9yGvaY68HRth2fisrsYGJrjMX5L43DdXqBfzElO2D5E&sig=Cg0ArKJSzCnoHBmf19fJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:38:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 13 Sep 2023 22:38:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EDFB 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1AImW84_w_LEluD4sMHvn0Mu5WfHA4H4WhBBwJ6iyUvFYXz14YiZeM4d95qZOV-MICc2WK73l2rUNAVpJtk0BP5xLa4Iqccsc1TdP-bPQqixBzHpWwoY59KNIFNNwdfeknp8ingx2GA&sai=AMfl-YQMFSD__xLZ3dYy_CJQut2M0j0vq_yWS7YLIL_eG82KR41IlI4IpuGNQ26F7obWL4UehMtcAA8LbR9NVKN_aWv1nRFpqNup1E3tCTNU0DcmDg6F2RoQKAPAris&sig=Cg0ArKJSzMn6As31MF0XEAE&cid=CAQSOwBpAlJWUCJj8hjsBvZ0Xu6ScUhlqYTjSwQcxbBzkHKKvPgxrhPHuXWbfrwIRaEjFolojFHkp80xX4vOGAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644681998&rpt=253&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2570 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbY__lN0UaZuhpdAweTIct7_YRBNo9VBQJfnrjIXmOtg9NSjbtwFhw-81nRgvsEhL1XifPNUUbhpDZklFsGkVuraD1gi6N4hzvkszeQhWoo4tUy2h3HOrfMVDjPC3GDyyaFLVtbd7qpg&sai=AMfl-YQQsHe9w4wlvP3DAyluqKY3s6JaMZywDlIEr7Kzt0Zir_ne_SETITWCk0oMHfrrQiWtSOljobccsxyw0R4jwx1NvTYB5jAot9fCvjvXJS8tsIFC5imxi9hRuho&sig=Cg0ArKJSzBVx2c3IXxhjEAE&cid=CAQSOwBpAlJW63PWcz_jQJ-42t7ZUogQsiq0Ct7_kwvxIEVgOL-CGPyKLJPxWhRP9V4EUOkcREcdX93bDOuQGAE&id=ampim&o=640,358&d=320,100&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=590&tls=1591&g=100&h=100&tt=1591&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/Qz7Rv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je39b0&_p=1692201647&cid=1598782723.1694644678&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1694644678&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FQz7Rv0&dt=URL%20Shortener%20-%20reurl&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B27 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD6tObsy5ioC1ucQvPduByHnI6rxuC9HEtUxcg1vJiYJXGyGnssBcBHmGatyUcjdJHwjC1kzKg7ZMS2TS4ReTJlt8eom7nKXPbNv8xoakKVEUG5UUa-opmqBaP0mqc&sig=Cg0ArKJSzHMAtHNrhSl7EAE&id=lidar2&mcvt=1000&p=358,640,462,960&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230911&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694644679258&rpt=3701&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Sep 2023 22:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creditcards.com.tw
URL
https://creditcards.com.tw/wp-content/uploads/2023/09/%E6%96%B0%E5%85%89%E6%97%A5%E8%88%AA%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E5%9C%8B%E5%A4%96%E6%B6%88%E8%B2%BB%E5%92%8C%E6%97%A5%E8%88%AA%E5%AE%98%E7%B6%B2%E6%9C%80%E9%AB%98-NT40-1-%E5%93%A9-1080x630.jpg?crop=1
Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19613.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=UNKNOWN&__rev=1008615736&__s=%3A%3A5x46p8&__hsi=7278443466996158672&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=UNKNOWN&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__hs=19613.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7278443466996158672&__req=4&__rev=1008615736&__s=%3A%3A5x46p8&__sp=1&__user=0&dpr=1&jazoest=21877&lsd=T3bD3-iX_OAwc2AheTbodu
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=UNKNOWN&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w&__hs=19613.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7278443466996158672&__req=5&__rev=1008615736&__s=%3A%3A5x46p8&__sp=1&__user=0&dpr=1&jazoest=21877&lsd=T3bD3-iX_OAwc2AheTbodu
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across object| hitag function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| brWidgetInit object| truvid_protected object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

51 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1694644677866.376816815
.reurl.cc/ Name: _gid
Value: GA1.2.1818783863.1694644678
.reurl.cc/ Name: _gat
Value: 1
.prnasia.com/ Name: __cf_bm
Value: EU0F8yMDIuORpOVveimksL6layg.nHXfRg6PRRRSRkM-1694644678-0-ATwSxYZsD0XAu2RcvhIvk3IF9H82KUtvAffiw3msH3iImiCvykDYUNtDQZm9KS+8gZZh9PA2ueVsqKgSerT/z/E=
.reurl.cc/ Name: _ga
Value: GA1.1.1598782723.1694644678
.openx.net/ Name: i
Value: 24c4b610-a707-42ed-9f23-674f47641332|1694644678
.hinet.net/ Name: uuid
Value: 43be7e26-d680-4a57-a5c1-d579318138c0
.reurl.cc/ Name: __htid
Value: 43be7e26-d680-4a57-a5c1-d579318138c0
.reurl.cc/ Name: _ht_em
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 6f9ab9ea960cd4f2937e784df320dfc7
.reurl.cc/ Name: _cc_id
Value: 6f9ab9ea960cd4f2937e784df320dfc7
.reurl.cc/ Name: panoramaId_expiry
Value: 1695249478507
.reurl.cc/ Name: panoramaId
Value: 25be2c7e686f4d3fe0f19ada5e9b16d5393867e5c2328709579c5cb9fecc2965
.reurl.cc/ Name: panoramaIdType
Value: panoIndiv
.openx.net/ Name: pd
Value: v2|1694644678|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: dbeeddfc-dd45-4152-99fa-6c60c8ca3638
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiQ2qj8ma2aPBAFOAE.
.reurl.cc/ Name: _ht_a546ca
Value: 1
.ladsp.com/ Name: cr
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|dbeeddfc-dd45-4152-99fa-6c60c8ca3638|1694644678776530
.doubleclick.net/ Name: IDE
Value: AHWqTUn8RuyfeaHx2yHjbAcYdTVTt8pGIxJ3AiIEP3GqXoKdNM3VoPowAXlDElkf48o
.ladsp.com/ Name: smn_uid
Value: PiwG7f8lGXOikQfdLcIM-w-z97yBF9Y
.ladsp.com/ Name: lum
Value: CN7hxoWpMRIFCAMQ0AU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: __gads
Value: ID=218df0ac5721e62b:T=1694644678:RT=1694644678:S=ALNI_MZMvlN351_ODXoUowbrUmfT-HbQFA
.reurl.cc/ Name: __gpi
Value: UID=00000c44aea0d5ac:T=1694644678:RT=1694644678:S=ALNI_MYESTAAGZSuSh3QMAAjn3wz51zxFA
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1694644678.1.0.1694644679.59.0.0
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjk0NjQ0Njc5fQ
.reurl.cc/ Name: truvid_protected
Value: {"val":"f","level":0,"geo":"AU","timestamp":1694644680}
.reurl.cc/ Name: CFFPCKUUID
Value: 1947-jFt2RCKHed4y6BnIoAEePbVCw2MzLcBG
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 152-aLWJuARIHczMwAtz02te1uFTKNAxZGGQ
.reurl.cc/ Name: FPUUID
Value: 0152-6b5a1edd7eb3d220d7f0a442936f6d5ee0f1dea873e53bbcde026cf5c9eb9bd5
.holmesmind.com/ Name: fcm
Value: 1
.criteo.com/ Name: uid
Value: 737b598a-57c3-4b1b-8ebc-e8a6dcae2a86
.lndata.com/ Name: admckid
Value: 2309140637591869640
.googleadservices.com/ Name: ar_debug
Value: 1
.reurl.cc/ Name: cto_bundle
Value: 0djYXF9BZHMwZ1NXU21RJTJCTU40VVFqaVVSWk41dnBmRk1mdXJpV3FaJTJCN1YybWZQTW5GMUhBMExHdWdkSTQ0NGtZbkMxVnhpeENZYjQ1VE5CJTJCUG1kZHkyWENtZSUyRjltVklBSWJOZ3l0c1hMQnVaZDhNJTJCYSUyQlV0d3R4aVM5OEZhb3olMkZKJTJCT3MxblZ6ZXlaOFpMMnBReVNyWlF4RnB3JTNEJTNE
.reurl.cc/ Name: _ht_hi
Value: 1
.c.appier.net/ Name: _auid
Value: O0RysTGPC-2-9UVJyDkCZQ
.holmesmind.com/ Name: Vision
Value: 20230914-23:59,20230914-09,20230914-09,20230914-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 866693-WjDJmrwzSG0zUdDM0sLWxN7y8tH667vc
.adingo.jp/ Name: ID
Value: 23dc696e583e10ca72a1fc35fea6112e
.adx.opera.com/ Name: UID
Value: OPU02a23b99d1a841fe8930e2a0ddf6f295
.fout.jp/ Name: uid
Value: BWwLiXeRnTS6CdbjS63uKhvClzs
.tribalfusion.com/ Name: ANON_ID
Value: auntuJwl6h7bQQwbPBqU7JvIH6ay3OhQncZaUeaV3nSvFMPKG4939BvTZaJ8jfhZcwmKQXr5wp3PZb3d5Zb3U43XUe9fA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-925e8914-b45f-4f06-ac03-295ed6e0c661-004%22%7D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.zemanta.com/ Name: zuid
Value: sc43Gtik3eF7eR6GZEP9

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23d84046b8eacbd6e001adca02bfba47.safeframe.googlesyndication.com
43be7e26-d680-4a57-a5c1-d579318138c0.t.ssp.hinet.net
9e6d25b0cdea145e952b183aeb8ac09d.safeframe.googlesyndication.com
a.tribalfusion.com
a9bd69011bd107b5997870f7fecd7709.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
analytics.google.com
anymind360.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cc.adingo.jp
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i0.wp.com
img.gbyhn.com.tw
invstatic101.creativecdn.com
jp-u.openx.net
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
re-news.tw
reurl.cc
rt.ad-score.com
s.tribalfusion.com
s.trvdp.com
scontent-syd2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
sync.1rx.io
sync.fout.jp
sync.targeting.unrulymedia.com
t.adx.opera.com
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
creditcards.com.tw
fcm.holmesmind.com
www.facebook.com
103.132.192.30
104.17.238.194
104.18.25.173
104.21.96.9
116.50.36.71
124.146.153.160
13.115.74.94
13.251.250.53
13.35.147.51
13.35.147.90
13.35.147.94
139.162.58.205
142.250.204.1
142.250.204.14
142.250.204.2
142.250.204.3
142.250.66.226
142.250.67.4
142.250.71.66
142.250.71.74
142.250.76.110
142.251.221.65
142.251.221.67
151.101.1.229
151.101.129.55
157.240.8.23
157.240.8.35
172.217.167.104
172.217.167.66
172.217.167.67
172.217.167.78
172.64.152.89
18.67.111.18
18.67.111.67
18.67.111.78
18.67.93.65
18.67.93.66
182.161.73.129
182.161.73.136
182.161.73.145
192.0.77.2
192.0.78.187
202.232.238.37
203.75.214.136
210.59.219.34
216.239.32.181
34.102.146.192
34.120.107.143
34.120.190.48
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.185.136.122
35.190.36.98
35.201.76.93
35.208.216.174
35.213.12.39
35.244.196.223
35.71.131.137
52.198.231.167
54.249.186.83
54.95.87.91
70.42.32.95
74.118.186.107
74.125.200.154
82.145.213.8
02910a6547b9ef3630d962cf444c00b14ab0725a02e1f565961b175ef35fdee1
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf7494826dca4943f79a274b6da4d3fea48063ff6f03e931cb62e16eadfe84c
0e4824da4fe7179b4f6f6b3fe3f322792c501725f452865ba53b620262516a5f
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
1178ad40da093040499e1066fa9f4fb8fe9e3b8023efc29e94dd83fe389c73c3
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
1418f2ac3ffc9157e260a4b35e6253c80142817520c07ed6e933c5ae9580e846
143d681dc8ed67d5acf692ab8bd8f25a87b411bad534980984107887c6f82af2
144ea412f47f412585e014309750002d7398c73b8dc933b490448b92462613aa
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
172f222cc4695fcaafb44cf1805be610b1b29e1ef50a18488a8f3f368754975c
1e67ae65bdc6df3d474fb6c5636258e6d130fb30a3b526578c7c12188c1e6b6f
26fc2025d1cf7cab66516991b351dc91b296a72b0b63953556026898cb608884
27df82ac2cee597ecea9711540b9d4e19db689397ba2832d21aa2eb552c10a3f
2bdd77031c12622ed4aeefa12872eb47d5bd1b1bf962c01ab1632ddd6f1a6a7c
2c2e3ecf33f22d3afb5e42ea8c90d721bae4496c24bbbc2bc7d446a5a75a25d5
2c54d1d941892b04f991723aa500f94e73b925618258b631d2cb9b096b0f5870
2c8536c5c09790f5d9749eb0e53d8c1004e2b2cdb2aebb8c83516f91e7516de0
300cd678581c1f04ad918b185f5e75f1b67944339b7e52b008dc8aea9f9f1dfb
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
32d01faca01fcddf8e4dc2c781b1c1b2ad2253288bc3f69dbcf655b09074e3e8
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
39df275e8da264770b285db6e0735133fbac27e821f8a0ad978e2ff63b5ab2f3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c0541cead57de4050976bdcf7f984b3aa006452950f18b2b9eae0d4a4b96904
3d7a4c1f3001c103fe0498e091be41cbbd42715796be427ed307d53ad5c46233
3ee8f06eef7474a1f84fc4d84e3460755022c4d890275847f363982a3beab8b3
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
464ca7deadef21ab57506517cdfd0898062c4736181e112a1cf4480337482fee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469d4d0f83b5f36bbf22241eff44e58a8a1c54ed9e64f246fab82c8f9a19e8a9
47f779c7c5965819dac2b7aea9a67f6727fa77e0581c1697f9362f68de452bad
481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48c5c53db7bb6b4b9c393ab98701ba3c03398470c1110678a09d50ec31ad9db9
490a86743b3f4d20c7de11326b8bc265bddaa87a4202c74ef7aef9e2a39481bc
4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52575c1ba0fd061033e856c5673a7a09c535a614205c31e06818d3eef998b953
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53dc3aed8964878f7a76010938a889d9cc9f47cd86dcbcc43511c2c4f0b299e5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548eb8ba3d9a0c8060d3a664683c05dabfca2fe127b148bbe1a5e15710c1fd7f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa
5f6e0bce5c9dd54ac1057dbf990b22e8e2e601bcc67244a1c7abbcc1199fce2e
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62112ced3e18d71cadb684d5825bb832ec33f8676cac9e7c34c0ad0db7ada25d
63039c4912373687e04abf24fca02ada5059e1dc790b106d8c67a9731d5a2355
69ed201ea565fbfb6b8667a25451afa638187a1e9953f1b2556df0b843c79372
6a51a33a8c3b83a167c83a13478243994ea66125ef756101405928389f5d6f79
6a7e35c9c839ed3385442506b695930bb76874bca93be694fd2ce9b8f108ab4a
6b09d35b36f731fd86c9e191c36f48b55ee878ca4f2f7bb727261257352d8798
6b09e44a969207b0ea3bc45ad72da4261acc92859f1606bca1d9b55341fec29b
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
717097102d91fa2f9c7122d387fb7f8c25bc9c7dda56c1b1cde19f0b26e2acf2
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85d8da28d874dbd74e5513e5dea377b088aba0b5bcc8ffe63965e1359e7fd3e0
86535cc2caf75bac3415ae716f14ecc90df2d41224e3c4b9f33cf6b730e8c255
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
89bc86664fd5cf87cddec202aa1bf52f668344d436315aaefbcfb955a75f8c13
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787
95bc3b64bd85d6732c31fc5a61becdb11de8ef9fc6fa0f55761397a4144d9639
9634e751ba4540ee9129631b8cc0ce43e568beb8ee008d4c6a3d088b2255ab59
968764c98a1c96d98c665926905742035414ba3d611a95f04f7d4558885db021
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
9a3fa7683f5a44d88ea848846175cc72f566df54ab401df83df3b296beb28a6e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3e59d2b97a03848e6cc4e7af6dd19b20f97a4a7b3c157864fb09bac3cbad86
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f0bc12855454bf37b26e71b2052fac720d6095b4da5639de8f17d150ee6afe5
9f91b41b85237749c20e054caad339d8ec0cfd1e4c5b5ac129d0f2618e319200
a0bb429ef51f6c9f599acd5f6670643ad1987c6680f43336340fa9d4c2bfacb9
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a45a9b5f85cf37148358c9c59f1a61fddd5626d493e20ab4074b27e1f614b88e
a5e8070ff2fbd251cf7ea20bc66ab0067bcf65ef15acc10a19acf1b28f310d8d
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
aafa0e373fa1ef982b2445694d9dfc118316a7ef017e73a4f3005569f4dcb892
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b101c1db54288fd49bd8f58a6e2c94eb465ab50b6ffd4ecb6cb730f16b4520f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b80219a642dcc8046dafaa546df0257ff089d96c3e240f1d00b520e019d20c5b
b81d13ed96ab027f7c9478ea04c59d37f202c828e310a5307d7da9870155d93c
b88385fcaa220254cf2b6400d71d84af2c84544674b31711f2c815f66d3c7b59
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb
bda989a7ce240730a0713822b28be9c7a529bc69f15514dfd925f0e650664709
c08aeac368d957e1527a16613b794ec12eb868fb14c24b06033688529f48c4ff
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c2e5878ccb3c79ee989e7ff4667123dc7435b54579f14093a597f7d4a8d06d83
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
cdfaa72b458fb25ea103ecf2d40e5e253f76bda53575d8ff1fa3cc74be9188d5
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cfb4cc6a48948db13a4e89f69cd440da8fef4e4e1bbd6fc8d4b0d18a9599bb5b
d1734ee2b4f1de1b2acfe90034bcee1d7f3b720aa1a8b0827de898fa3723313b
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d67deefc0fca4e854e1467fa830d59d3d4d0b0b906c7253adcb64e5f9ea2aeac
d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0
db63e163735fd56abdd87ed52aa9bba9b7a1aec241b9b3679c6f4451fb04fe54
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3a007704a5a30da7ba07c29485b9c8d076e802b203db0d899c90e52c762be69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effd2fcad6c850f8a795002e4635fcb96c4ddc28737f41c8d5c931d33bc105e5
f9a204f2807c0a6b602121827f675658aeb79379f60a144aff095fce04e066bb
fb3355776c8def8fbbb0aca3d3b1c6e812196a8683e11565249cecf12c06ce92