reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

• https://agent.aralego.com/sdk HTTP 301
• https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 34

• https://c.holmesmind.com/cm HTTP 302
• https://c.holmesmind.com/cm?tc=getIn&

Request Chain 76

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=p-mi4psbCaCo6XOOrcZ5Yg

Request Chain 77

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=LzdGJ4k-APegj6bjrcZ5Yg

Request Chain 78

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=TH9IPZG9CFq-E64_rcZ5Yg

Request Chain 80

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=3oiuF2C4ClW6vK0jrsZ5Yg

Request Chain 81

• https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
• https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
• https://ad2.apx.appier.net/v1/prebid/bid?acid=Qw8FaNIxAa-D8_IWrsZ5Yg

Request Chain 119

• https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=GkyESnxPWkhXK29EU3N6dFRmQSsrTkY2NjkxL1VaMlJDU3U4MmdJM3FzL29ibHBuR1JhT1l2SkVScjNpd0FObUlFSnBKcVcweW1DQzZkajhBWW91QzJ1OU5RWkdPRHBoWnNuL0ZERVU4R3kzTmREdFdZRHpOc1kwNHRsd0ZmTHg4TVpmL0xLd3VqajM4RTgxQU9BaGdVR1lGTXBEZTEyVU9ZUUZPa0NaSllqSnRtWGMycDFHRTBhRjVaaWNRVDdPVGhVR3F2NWlPdk9peWZzV1RKSS9LdGkvNkN0bEIrRk9IQzlwTlpPbUhzTU1iQzdwTE0ybUN3RUdxSk1raVIrYklaemdpRVU3cUFkK2tQbHgwWG5QNm5YODFqQT09fA&cppv=2

Request Chain 125

• https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=Aum0319uT1hhTFk4WlVQdXdiRzc0OFclMkZVRnk1a0RRdFVBeHo4RCUyRmJzdlhaZXFQbmJvemw0Zm4wWFhvQnNFZmttUmxPOW1YYjFYeUI2VTlxNzl0VmhZc0s4S3hzVkV5QW9UR3JYMkZ6OXRRV2RPdjhFb2o5dSUyRlZDMUhTT2N0Q0tudlo0cSUyRmx6R0xaQjFCMmRhNER4UncxckRnUSUzRCUzRA&cw=1&lsw=1&topicsavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=-fPyC3xaN0FuMTJ5eHlIZmFNaTl4Ym02SVFPKzNEckhhVnhENE1tTGMxYXk0UG1KVHdSVXc0TllMWEZ1K0NQK2gwZU9tN1NWSzIwQis1RGUyK1JzTzJLbm01Q1Y3V2RyTFkxYkgvOTMrNXBwckIyNjlBdzc5REgzWGZTMURidllYeHRZRVZiMDdyUjZITFh3T2pXSGwwejlwS1UrVHV3Y0ExM1ZVSGoxbG5uVVlpaC9xV0JQNXcvNU5XSWtTN1gwbWZuU1pvbFJvUjRvaVpncUtUaGRQQ1NJVnJNRmUwcXcvcXcvQ29MNC9CbVdqWVZISGpKbXBGbDRrbkVKN3ZIUE1JNlRyUjB2cjY4c21sL2tNK0gxcmlOdnNPdz09fA&cppv=2

Request Chain 126

• https://ads.aralego.com/sdk HTTP 301
• https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 127

• https://ads.aralego.com/sdk HTTP 301
• https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 146

• https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=k4YQS3xlK2FCYTZjNXVRQ2dwY1NuMytRZUFBU2FKVlJiUStDbDF4YkpWZmtITHFuNjVPMGJMcGRSTS9JeURiVHhIYm56WmZsek05b0c4NjhSOEJQU0NpRHhweVJCNkdDTXJyZE5zZ1Z4V3lQK2VzT2hoa2JGU1VZVE5CcG8rTUtxOHZka1kyeldxSWRPa2ZJaldLWlk0Mzg0UER4Z1dJeDlDd1BxTEJNcjJtUnlBb0tsRnhIOVdqZWF2QklxOE5LRXVUQTBjM1dlY1RJNEszbnMwQ283NUEyQ0ZQcmNpZ2I5RFgrZkZua1Uyblc0dmRxVXV2dmV6M0phNWZpUGJHcUl6SzhENlJ6Y1Rrd3dFRDRFcW9PMzluVEJRbnhOdTVkZlhXUUtDUm1RN2JhYTVpaz18&cppv=2

Request Chain 153

• https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=9xHz9nw5ME8rRlhmRVU5K2xiWEk3dzdPbzlUMVhtMVNETUg1M1BQazhlUHNoUzhQOGF2a0RxOVgxQlJMM1lRcHUzSUNRNnlCSkxJcHczQTAzV3JkWWJhb2RuaVpqTnF4cm1NbWhiUmQ2T3U4ZXJjK0tBYzQwVFAvYnp4dHlETzhOSmpUcjBESDdiNmRoQlJvaVlDb2gxR0pYRXdpa2Era3U3VzYrQ2JZb0Q4MlhrL3NiQVg1VDdFNjQraWkyVEFacExOMEFwZUhKSkNIcjNwa3hZd2Y3cW5Sbm1PcVhvNDJ6aldSWjZFZmN3TXlTNCs3OHpOcStxOGpsSDdlQUlQUFlOK3p5UkZGU1BKN01qOUpkYmJNa0k2SkpMUT09fA&cppv=2

Request Chain 155

• https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMjA1MTAwOTU4MDY1NDEyNDU%3d&layout=js HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1FBMjAyMjA1MTAwOTU4MDY1NDEyNDU%3D&layout=js&google_tc= HTTP 302
• https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJrFbhLtdmXKb1KuDNczWM8&google_cver=1&google_ula=3918219,0

Request Chain 156

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
• https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 161

• https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMjA1MTAwOTU4MDY2MTA4Mzg%3d&layout=js HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0xBMjAyMjA1MTAwOTU4MDY2MTA4Mzg%3D&layout=js&google_tc= HTTP 302
• https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFNQdma8KMOw0GrBgQdC3pY&google_cver=1&google_ula=3918219,0

Request Chain 162

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
• https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 197

• https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L2ZI70O3-Q-8GT5 HTTP 302
• https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L2ZI70O3-Q-8GT5

Request Chain 207

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=82_bokfKQGuw_voS4BhcAw&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=82_bokfKQGuw_voS4BhcAw

Request Chain 208

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwOTY4ZWY1MjNiOWUxNzcwMWRiYmFjZDIxY2I3Y2E2YWM0MWQ1Nw

Request Chain 209

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://match.adsrvr.org/track/cmb/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=408ffd6b-ae5c-41f6-bfad-3d3ba158f88a&gdpr=0&gdpr_consent=&expires=30

Request Chain 210

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LwEXzeEhS6CPrkh988kgqA&rk=usync-other HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LwEXzeEhS6CPrkh988kgqA

Request Chain 211

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJaSTcwTzMtUS04R1Q1

Request Chain 212

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/X5W3G1gG1klvvW_3MkObfA?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2619921606560340688

Request Chain 213

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELgl-qnuDcK22nAVH_IbHFU&google_cver=1

Request Chain 227

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=SVn763x0OHgydURaSzFtVjYxMDBlR3AwbE0wWjR1K3BNM0lBOS9CY0gxUFVkOVIyQTNVRGNPa2grTUhpcEh2TnVFZEtPaFlJcVk0RlZyZStiYWp4QytRdTRTaTBwUlFON0RpRXNHZWF4UG5oUkxMdEkyVko2aWoyNUpwMnJmNXZxODZ2SWxzYncxVDdSbitscXlPMUZia2hwYXloelZncG5MN0VhVUdFR2FDU0R2NHZhdnlBQXp4RUVDeHQyVEM0disvYllmRTVja0hvQ2VaNlRVR0tMaXI1alh3V2Z1RTJTc1ptQk5VYUpGbzZRNmN0ejg5SndJSjBFdkxMdndsb21hQVJ2bWhtTjRRQ1p3cGNoMUdaTHU1K2pmcnV3RWJLODdBbG5STGg0U1FQQ3NyND18&cppv=2

Request Chain 231

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=tVCyY3w2c0Q5T1BhQ2ZsSjJqODJQM2hQenphVzRwRlYvcmtGM0JMNWN1STBPNitHZDk3KzZnWWZDd1FxRU5sMTZodVpqcEtJMDdRL3E3dCtZWWpwcDRrU2JtWGJOV3JlSStvaStLUDIxdVRkdGJwSDVyTTEvUG9Xcm5pNUJ3K1F2K3llRWdQNXBkZnpUZWpWV0tuUkUyRjNqNFRjb244bmpFN25MVW4yNXN4amVwdlU0d05qbDAwTE5ydEpwRm9pUVhndVNlSGpRb01EaTJhaU9lTXJqZzFJRFZFSUJ1SlEyV21MbTh0QlMzWTQ3NC9hRGVjQkVvNnZEY0dpd0hoV0pXV3JueFBVSEswNFk2MHlmTmV4VkxQUGozU1EwSXcxU1NaZmprNkdWUEFVN3U5MD18&cppv=2

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request b2gxzv Show response reurl.cc/	7 KB 2 KB	608ms 195ms	Document text/html	35.185.130.121 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 121.130.185.35.bc.googleusercontent.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 2a4102d4b0a438e39366cdf2a1a408ce9a4efc526cc645e29dea70ddc28311af Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:04 GMT server nginx/1.18.0 (Ubuntu) vary Accept-Encoding
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/	152 KB 25 KB	47ms 22ms	Stylesheet text/css	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4293320 x-jsd-version 4.3.1 x-cache HIT, MISS cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19143-FRA, cache-yyz4530-YYZ timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3pZ0VQY%2B9IuwKvvCN0VSrR%2B%2BxcLAJM1qXc59osM5SqGu%2BBFPHkpnTUUVDKlfUu4j4K%2FegI8tLu%2FQ38BU2VOo7Zr5fEwwKnBBvUnFvmEPuN1NqlZ4k%2B4eAxm%2B7fyEe5CtWsq1VQJZLE3Kd1v33A%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 708f1156ffb04bcb-YUL
GET H2	200	style.css storage.reurl.cc/stylesheets/rwd/	3 KB 1 KB	59ms 12ms	Stylesheet text/css	34.149.98.30 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.reurl.cc/stylesheets/rwd/style.css Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 30.98.149.34.bc.googleusercontent.com Software / Resource Hash e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:47:17 GMT via 1.1 google last-modified Thu, 05 May 2022 00:38:33 GMT age 647 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public,max-age=28800 content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1091
GET H2	200	pixel.js Show response storage.reurl.cc/javascripts/	470 B 448 B	60ms 14ms	Script application/javascript	34.149.98.30 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.reurl.cc/javascripts/pixel.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 30.98.149.34.bc.googleusercontent.com Software / Resource Hash 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 22:12:56 GMT via 1.1 google last-modified Sun, 08 Aug 2021 17:07:38 GMT age 13508 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=28800 content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 363
GET H2	200	vue.min.js Show response cdn.jsdelivr.net/npm/vue@2.6.11/dist/	91 KB 35 KB	56ms 32ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4293234 x-jsd-version 2.6.11 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19174-FRA, cache-yyz4541-YYZ timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2jG23M9ZvFwRhTq%2FQof6r%2FgdsyfBtQtry3MKeZu4AP07cTCievmK7PuhBv%2F5q3kyHHGjwjRpD2z%2F02stuW2fIqQFpV5ndMhlq8wCW0iuPWjnHWw1b4dIrzfsvPcG9CBhLFWDsTETIvtj3OSP7g%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 708f1156ffb24bcb-YUL
GET H2	200	renews.js Show response reurl.cc/javascripts/	698 B 561 B	195ms 194ms	Script application/javascript	35.185.130.121 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://reurl.cc/javascripts/renews.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 121.130.185.35.bc.googleusercontent.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/b2gxzv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:04 GMT content-encoding gzip last-modified Thu, 05 May 2022 00:38:33 GMT server nginx/1.18.0 (Ubuntu) etag W/"62731c89-2ba" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 expires Wed, 10 May 2023 01:58:04 GMT
GET H2	200	ysm_reurl.js Show response ad.sitemaji.com/	17 KB 6 KB	47ms 15ms	Script application/javascript	35.186.215.140 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.sitemaji.com/ysm_reurl.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 140.215.186.35.bc.googleusercontent.com Software nginx/1.12.1 (Ubuntu) / Resource Hash 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 12:05:38 GMT via 1.1 google last-modified Thu, 20 Jun 2019 08:55:05 GMT server nginx/1.12.1 (Ubuntu) age 49946 etag W/"5d0b49e9-4488" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=86400,public content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5880 expires Tue, 10 May 2022 12:05:38 GMT
GET H2	200	ad.js Show response img.scupio.com/js/	73 KB 23 KB	90ms 31ms	Script application/javascript	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/ad.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 397d47eb62c6229708a26e1508968d945ef01efb276fd08d393e7d0a62d2bb0f Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:53:28 GMT content-encoding gzip last-modified Mon, 09 May 2022 03:28:15 GMT server nginx/1.12.1 age 295 etag W/"62788a4f-12557" vary Origin x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) cache-control max-age=900 x-amz-cf-pop JFK51-C1 x-amz-cf-id vby6QZTxXpOWxG-W44JPvtW9Nhqo1ILM4XmqBzBTszLbf83YanztJg== expires Tue, 10 May 2022 02:08:09 GMT
GET H2	200	init.js Show response cdn.holmesmind.com/js/	6 KB 7 KB	84ms 37ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/init.js Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 04 Mar 2022 10:10:49 GMT server AmazonS3 age 8 etag "439e160b698f1ec2efb45c3b6cd6b265" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:04 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 6552 x-amz-cf-id Za5DJpyetGqRnjvzPpG2QM9Bd8aZuwypZTqr0keI2FJ-G5CAoyqK4Q==
GET H2	200	ga2.js Show response storage.reurl.cc/javascripts/	618 B 502 B	58ms 13ms	Script application/javascript	34.149.98.30 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.reurl.cc/javascripts/ga2.js?v=2 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 30.98.149.34.bc.googleusercontent.com Software / Resource Hash 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 18:10:41 GMT via 1.1 google last-modified Thu, 24 Mar 2022 12:16:16 GMT age 28043 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public,max-age=28800 content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 389
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	56ms 18ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: storage.reurl.cc URL: https://storage.reurl.cc/javascripts/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug f2Ni71q0CAiGOJ7wum+8A0JJ1/D/AwNKn0wZ43JjqB9YbiHW0u3sMXO9EBCbRLqPcs+GjcGjL/c9F/lCseQR2A== x-fb-trip-id 2050670934 x-frame-options DENY date Tue, 10 May 2022 01:58:04 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1675200226052423 Show response connect.facebook.net/signals/config/	39 KB 11 KB	19ms 18ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1675200226052423?v=2.9.58&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 304ea74430b7019ec5c14f66f67b2ad7db344b9ef475ce19c68eec84a921ee85 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 10954 x-xss-protection 0 pragma public x-fb-debug hNA5LuSphZndhZflxdJsiZqXZ5EEe7eUXpA25MxLdM6gupEq+BCp0cEjKRig2Eu5cklqZh8n+wAGEfSXBxJR1Q== x-fb-trip-id 2050670934 x-frame-options DENY date Tue, 10 May 2022 01:58:04 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 407 B	56ms 18ms	Image image/gif	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2Fb2gxzv&rl=&if=false&ts=1652147884784&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=28&fbp=fb.1.1652147884783.1554641438&it=1652147884750&coo=false&exp=p0&rqm=GET Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:04 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Tue, 10 May 2022 01:58:04 GMT
GET H2	200	feeds Show response storage.re-news.tw/	5 KB 5 KB	300ms 197ms	XHR text/html	35.244.196.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.re-news.tw/feeds Requested by Host: reurl.cc URL: https://reurl.cc/javascripts/renews.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.196.244.35.bc.googleusercontent.com Software / Express Resource Hash bbb6ee647dad4da7f67082c373fdc52312b46af9f819ea30765d7e7e28c076dd Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT via 1.1 google etag W/"1519-lrs85YY58otYM064XCQzbn330ww" x-powered-by Express vary Origin content-type text/html; charset=utf-8 access-control-allow-origin https://reurl.cc alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5401
GET H2	200	page.php Show response www.facebook.com/plugins/ Frame 1A04	15 KB 9 KB	115ms 100ms	Document text/html	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eeabf71a534363d426e9d0dfd36856bae0616e04e255b73de11d7158fe41c5c0 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Tue, 10 May 2022 01:58:04 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug zEmdnetBqJimdujZ6JUMzAaRbd+0y84hRM7jgIh0HnCiFiKLraTUy8qULsxenYunmrUMJTwuln9DvBsLBncxMQ== x-fb-rlafr 0 x-xss-protection 0
GET H2	200	17229.json Show response img.scupio.com/js/config/	460 B 852 B	64ms 21ms	XHR application/json	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/17229.json?v=1.0.3839 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 8574129e3cbe7f48d4583ade78e787894322472e285bece9eba491e9963a9a2b Request headers Accept application/json, text/javascript, */* Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 10 May 2022 01:57:18 GMT via 1.1 086617c9385713660fb060f989a2a626.cloudfront.net (CloudFront) last-modified Mon, 09 May 2022 02:21:53 GMT server nginx/1.12.1 age 248 etag "62787ac1-1cc" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 460 x-amz-cf-id ccIUuHvEjnm5qEwq10nZleuYDR8VUdX-OXqCAL1N-QRRQcqCPt2_3Q== expires Tue, 10 May 2022 04:53:56 GMT
POST H/1.1	200 OK	adreqlog.aspx Show response bw.scupio.com/adpinline/	0 711 B	1058ms 209ms	XHR application/json	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.15559777253250417 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */* Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 10 May 2022 01:58:05 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://reurl.cc Cache-Control private Access-Control-Allow-Credentials true Content-Type application/json Content-Length 0
GET H2	200	ad.html Show response img.scupio.com/html/ Frame AB3D	82 KB 22 KB	25ms 25ms	Document text/html	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ad.html?v=1.0.61 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 88de5f95fea91d43e84cba58bbc21573c9f9f2a6d45b3bdd8af60295903c88c4 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 726 cache-control max-age=2592000 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 10 May 2022 01:46:52 GMT etag W/"61de6c52-148ff" expires Thu, 09 Jun 2022 01:45:58 GMT last-modified Wed, 12 Jan 2022 05:51:14 GMT server nginx/1.12.1 vary Origin via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) x-amz-cf-id pXomD43pyge3oTAsiC57VMMIczDLq6U1hO5u9iV7RKXyTVtiYsQ2kA== x-amz-cf-pop JFK51-C1 x-cache Hit from cloudfront
GET H2	200	17253.json Show response img.scupio.com/js/config/	461 B 850 B	69ms 35ms	XHR application/json	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/17253.json?v=1.0.3839 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash ed0b417175ae4122e6688146415e4730f294283f55ef9ef799b8edafd0341b4d Request headers Accept application/json, text/javascript, */* Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 10 May 2022 01:57:19 GMT via 1.1 086617c9385713660fb060f989a2a626.cloudfront.net (CloudFront) last-modified Mon, 09 May 2022 02:21:53 GMT server nginx/1.12.1 age 44 etag "62787ac1-1cd" x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=10800 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 461 x-amz-cf-id TqAQo6IMf_c0n02UdSdwioAh1jTSuvF19kdkgBIotePR4CWw91XjIg== expires Tue, 10 May 2022 04:57:19 GMT
POST H/1.1	200 OK	adreqlog.aspx Show response bw.scupio.com/adpinline/	0 711 B	1106ms 219ms	XHR application/json	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.20245665093791554 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */* Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 10 May 2022 01:58:05 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://reurl.cc Cache-Control private Access-Control-Allow-Credentials true Content-Type application/json Content-Length 0
GET H2	200	ad.html Show response img.scupio.com/html/ Frame 9C75	82 KB 22 KB	22ms 22ms	Document text/html	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ad.html?v=1.0.61 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/ad.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 88de5f95fea91d43e84cba58bbc21573c9f9f2a6d45b3bdd8af60295903c88c4 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 726 cache-control max-age=2592000 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 10 May 2022 01:46:52 GMT etag W/"61de6c52-148ff" expires Thu, 09 Jun 2022 01:45:58 GMT last-modified Wed, 12 Jan 2022 05:51:14 GMT server nginx/1.12.1 vary Origin via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) x-amz-cf-id QR1Ss1Etm5v6Cw9W3RZusPJWwpKIXdI7-adRw2a4xMIqcnUZw8KFVw== x-amz-cf-pop JFK51-C1 x-cache Hit from cloudfront
GET H2	200	capmapping.htm Show response cdn.holmesmind.com/js/ Frame FA34	3 KB 3 KB	36ms 35ms	Document text/html	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/capmapping.htm Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 41 content-length 3044 content-type text/html date Tue, 10 May 2022 01:57:28 GMT etag "b585383190cc538c34a520974872d918" last-modified Thu, 24 Mar 2022 11:21:34 GMT server AmazonS3 via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) x-amz-cf-id aVYrwu6J8WjrMwRi2ORnJcZyqmggi1eOlngiOeeMVz00zTKJvUR_Cw== x-amz-cf-pop JFK51-C1 x-amz-version-id bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx x-cache Hit from cloudfront
GET H2	200	edmp_init.js Show response cdn.holmesmind.com/js/	662 B 1013 B	43ms 43ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/edmp_init.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 12 Mar 2021 02:45:40 GMT server AmazonS3 age 20 etag "f58f8a90686f8ffb3325107e8a788b71" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:04 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 662 x-amz-cf-id 9tkg3rpFdIgdFQjjFOsG3RJ26KAZNowmB6JzwPAGg6EeaE6cLU9-lQ==
GET H2	200	presetfn.js Show response cdn.holmesmind.com/js/ Frame 382B	6 KB 6 KB	24ms 24ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/presetfn.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id TffX4.BvLss5nGbaNkDOhki_IqknqyWa via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 18 Mar 2022 03:26:21 GMT server AmazonS3 age 7 etag "8de5f5c245a6377bb4dc88fbf8c0c6f5" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:02 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 6093 x-amz-cf-id VCHhrsjhWJImbiNvjIFXjdEzZ_0pTbPbh08_7ybWuwwk8IdXcH3Jfg==
GET H2	200	presetfn.js Show response cdn.holmesmind.com/js/ Frame 1BF3	6 KB 6 KB	20ms 20ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/presetfn.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id TffX4.BvLss5nGbaNkDOhki_IqknqyWa via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 18 Mar 2022 03:26:21 GMT server AmazonS3 age 7 etag "8de5f5c245a6377bb4dc88fbf8c0c6f5" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:02 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 6093 x-amz-cf-id vfrnEb-RR3fky9AWbxMwCU0aCAz8yOEbtKhIUZPSAnz63ln-bxbnsA==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	66ms 19ms	Script text/javascript	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: storage.reurl.cc URL: https://storage.reurl.cc/javascripts/ga2.js?v=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 4450 date Tue, 10 May 2022 00:43:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 10 May 2022 02:43:54 GMT
GET H3	200	reurl_passback.js Show response ad.sitemaji.com/native/ Frame 821F	15 KB 5 KB	218ms 195ms	Script application/javascript	35.186.215.140 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc Requested by Host: ad.sitemaji.com URL: https://ad.sitemaji.com/ysm_reurl.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 140.215.186.35.bc.googleusercontent.com Software nginx/1.12.1 (Ubuntu) / Resource Hash 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:17:38 GMT via 1.1 google last-modified Thu, 29 Aug 2019 10:21:10 GMT server nginx/1.12.1 (Ubuntu) age 2427 etag W/"5d67a716-3bbe" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=86400,public content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5256 expires Wed, 11 May 2022 01:17:38 GMT
GET H2	200	sdk Show response cdn.aralego.net/ucfad/sdk/us-east/ Redirect Chain https://agent.aralego.com/sdk https://cdn.aralego.net/ucfad/sdk/us-east/sdk	42 KB 43 KB	48ms 22ms	Script application/octet-stream	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/sdk/us-east/sdk Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3508 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43274 last-modified Thu, 10 Feb 2022 09:21:22 GMT server cloudflare etag "6204d912-a90a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFvmSSASqzeMuSBtcSADdSQNDypRs%2F9n1s8eakltz0L%2FEfhILX0CVMy9g82yhyW7OyMV3O4Q%2FwhkVoXbfAr95np%2FyVoCVMRWOXQma%2FRidPNdswjEoZHMSh7lnPDH4tkO9TQtfltVRnHIclqHPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 708f11597d224bb8-YUL Redirect headers location https://cdn.aralego.net/ucfad/sdk/us-east/sdk connection close content-length 0
GET H3	200	reurl_passback.js Show response ad.sitemaji.com/native/ Frame BB80	15 KB 5 KB	207ms 193ms	Script application/javascript	35.186.215.140 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile Requested by Host: ad.sitemaji.com URL: https://ad.sitemaji.com/ysm_reurl.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 140.215.186.35.bc.googleusercontent.com Software nginx/1.12.1 (Ubuntu) / Resource Hash 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:17:38 GMT via 1.1 google last-modified Thu, 29 Aug 2019 10:21:10 GMT server nginx/1.12.1 (Ubuntu) age 2427 etag W/"5d67a716-3bbe" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=86400,public content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5256 expires Wed, 11 May 2022 01:17:38 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9C75	95 KB 34 KB	70ms 20ms	Script text/javascript	2607:f8b0:4006:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 00:45:21 GMT content-encoding gzip x-content-type-options nosniff age 4363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 10 May 2023 00:45:21 GMT
GET H2	200	prebid.js Show response img.scupio.com/js/ Frame 9C75	236 KB 83 KB	31ms 30ms	Script application/javascript	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/prebid.js?v=5.20.0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:54:51 GMT content-encoding gzip last-modified Wed, 20 Apr 2022 04:15:06 GMT server nginx/1.12.1 age 193 etag W/"625f88ca-3b04e" vary Origin x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop JFK51-C1 x-amz-cf-id y8ZECGGsZ1YHcSYYc_pN_3Xuy9FwZj4axcLCu6KDSIMLqA9pJWDi6g== expires Thu, 09 Jun 2022 01:54:51 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame AB3D	95 KB 33 KB	82ms 42ms	Script text/javascript	2607:f8b0:4006:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 00:45:21 GMT content-encoding gzip x-content-type-options nosniff age 4363 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 10 May 2023 00:45:21 GMT
GET H2	200	prebid.js Show response img.scupio.com/js/ Frame AB3D	236 KB 83 KB	39ms 39ms	Script application/javascript	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/prebid.js?v=5.20.0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:54:51 GMT content-encoding gzip last-modified Wed, 20 Apr 2022 04:15:06 GMT server nginx/1.12.1 age 193 etag W/"625f88ca-3b04e" vary Origin x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop JFK51-C1 x-amz-cf-id 3Up2fv42LjUOjzvcS26r_cIseoThJsBGthUhic86AU5PfnlXOeF1rw== expires Thu, 09 Jun 2022 01:54:51 GMT
GET H2	200	cm.php Show response fcm.holmesmind.com/ Frame 2278	39 B 191 B	239ms 190ms	Document text/html	34.95.67.231 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fcm.holmesmind.com/cm.php Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/capmapping.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 231.67.95.34.bc.googleusercontent.com Software Apache/2.4.29 (Ubuntu) / Resource Hash d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795 Request headers Referer https://cdn.holmesmind.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39 content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:05 GMT server Apache/2.4.29 (Ubuntu) via 1.1 google
GET H2	200	utag.js Show response t.ssp.hinet.net/ Frame FA34	4 KB 2 KB	610ms 200ms	Script application/javascript	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/utag.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/capmapping.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Wed, 23 Feb 2022 08:43:40 GMT server nginx etag W/"6215f3bc-11a3" vary Accept-Encoding content-type application/javascript cache-control max-age=600 strict-transport-security max-age=0 expires Tue, 10 May 2022 02:08:05 GMT
GET H3	200	cm c.holmesmind.com/ Frame FA34 Redirect Chain https://c.holmesmind.com/cm https://c.holmesmind.com/cm?tc=getIn&	0 16 B	69ms 44ms	Image text/html	35.201.76.93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://c.holmesmind.com/cm?tc=getIn& Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/capmapping.htm Protocol H3 Server 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 93.76.201.35.bc.googleusercontent.com Software nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT via 1.1 google server nginx/1.10.3 (Ubuntu) x-powered-by PHP/7.0.18-0ubuntu0.17.04.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8 Redirect headers location https://c.holmesmind.com/cm?tc=getIn& date Tue, 10 May 2022 01:58:04 GMT via 1.1 google server nginx/1.10.3 (Ubuntu) x-powered-by PHP/7.0.18-0ubuntu0.17.04.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8
GET H2	200	Preset.js Show response adcdn.holmesmind.com/adserver/ Frame 382B	1 KB 743 B	85ms 29ms	Script text/html	2600:9000:21ec:fa00:3:1794:2540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adcdn.holmesmind.com/adserver/Preset.js?z=12679 Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:fa00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 8ee681f0bb7f3858fabe40f96b8d7b2efa7afc4e8bddb8b434b9cf25d49a09f4 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:57:18 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) age 46 vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=UTF-8 access-control-allow-origin https://reurl.cc access-control-allow-credentials true x-amz-cf-pop JFK51-C1 x-amz-cf-id u92HM2K92Q9oPdygjOLp2BjgDIPjuI9iyh0bdv89IVHsy1yxMzy9RQ== via 1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
GET H2	200	Preset.js Show response adcdn.holmesmind.com/adserver/ Frame 1BF3	721 B 682 B	90ms 35ms	Script text/html	2600:9000:21ec:fa00:3:1794:2540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adcdn.holmesmind.com/adserver/Preset.js?z=12678 Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:fa00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e041833f21801d44d6986412dda5e56d9ea6eef6043e58f016be7790d945127b Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:57:18 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) age 46 vary Accept-Encoding x-cache Hit from cloudfront content-type text/html; charset=UTF-8 access-control-allow-origin https://reurl.cc access-control-allow-credentials true x-amz-cf-pop JFK51-C1 x-amz-cf-id qYqBsmN1vkyEB3kywS4vSLq6A7CDtuzpWIclt1dkb_7WQiDsXnKQWw== via 1.1 5c13c9f75e6e6d54f428b6693f8ee6e2.cloudfront.net (CloudFront)
GET H2	200	mDq0f2QLj17.css static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 1A04	18 KB 5 KB	60ms 18ms	Stylesheet text/css	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/mDq0f2QLj17.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6ccde1fd7072ebe8f8a5b3da6f2027ab1e4939ec932b1bb2e201eab4e300e9a0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:04 GMT content-encoding br x-content-type-options nosniff content-md5 8RzXil7hp8+O6twJy5Wz5A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 4682 x-fb-rlafr 0 x-fb-debug 2bB/O83ua9PYLqo+w+RAOMvIx3rStM05VH5g/pU34acTHYrJvSWCtevJcN7gxFIIzQhBTlNzlVVnYVA4rtP9eg== x-fb-trip-id 1512268381 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Tue, 09 May 2023 14:01:20 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	75ms 34ms	XHR text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=44055575&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fb2gxzv&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=9146711&gjid=1833338590&cid=780713007.1652147885&tid=UA-102456694-1&_gid=658840823.1652147885&_r=1&_slc=1&z=189737225 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://reurl.cc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	59ms 20ms	Image image/gif	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=44055575&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fb2gxzv&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=780713007.1652147885&tid=UA-102456694-1&_gid=658840823.1652147885&z=3756456 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Mon, 09 May 2022 09:25:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 59529 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads.js Show response ad.holmesmind.com/adserver/ Frame 382B	2 KB 1 KB	829ms 285ms	Script text/html	54.178.238.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2Fb2gxzv&n=328&o=1&d=1&b=2&ts=1&ii=3&FPCK=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&initver=210830P Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.178.238.15 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-178-238-15.ap-northeast-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 0b065fc8b620c317ec50b6f081ac3a1cac0e186ded95158c30b98282b02fbf5a Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-origin https://reurl.cc date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	rtbhouseV2.js Show response cdn.holmesmind.com/js/ Frame 382B	3 KB 3 KB	33ms 32ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/rtbhouseV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Tue, 04 Aug 2020 09:25:10 GMT server AmazonS3 age 57 etag "6a605eea47197fa280f27aaf1fa1521d" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:57:16 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2773 x-amz-cf-id zPbMew1kUXETJRVy7eu7jGbAlxC0Zie87RL9PcTqztmGF0UJ1qQeYw==
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 382B	119 KB 39 KB	121ms 70ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:03 GMT server nginx etag W/"6271101f-1dc01" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:05 GMT
GET H2	200	criteoV2.js Show response cdn.holmesmind.com/js/ Frame 382B	2 KB 3 KB	33ms 31ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/criteoV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Tue, 04 Aug 2020 09:25:12 GMT server AmazonS3 age 48 etag "e8f33fcb581483ced4a09b3c8e7550e4" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:57:18 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2443 x-amz-cf-id SanM3CuIn3hoaW5F_i66u-IGpaAI8N82IX6yKygwBV55dgmyqPVTxQ==
GET H2	200	appierV2.js Show response cdn.holmesmind.com/js/ Frame 382B	3 KB 3 KB	60ms 58ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/appierV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Thu, 11 Mar 2021 07:54:26 GMT server AmazonS3 age 39 etag "548ed610a8571343fb3022f543174735" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 3177 x-amz-cf-id PLF9Jp609XObtFyXJ6M-ZaRNtHxcZJo7vIHb3DKjJNvLNF1P0H76sA==
GET H2	200	appier_mainV3.js Show response cdn.holmesmind.com/js/ Frame 382B	3 KB 3 KB	59ms 58ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/appier_mainV3.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 15 Oct 2021 07:41:44 GMT server AmazonS3 age 37 etag "adc35fd9401ac04bdb2a47c466e46174" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2568 x-amz-cf-id ypGArxlURKGZUEM8a8XcVrYVOHvjQdbfEXtThKLIuYiEE09_8COQ9A==
GET H2	200	ads.js Show response ad.holmesmind.com/adserver/ Frame 1BF3	2 KB 1 KB	770ms 270ms	Script text/html	54.178.238.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2Fb2gxzv&n=397&o=1&d=1&b=2&ts=1&ii=3&FPCK=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&initver=210830P Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.178.238.15 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-178-238-15.ap-northeast-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 7c4e2e52d391be4ad96f49da87d0312c5b98e9a0b15446d0b895e90b7dde55ce Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-origin https://reurl.cc date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	rtbhouseV2.js Show response cdn.holmesmind.com/js/ Frame 1BF3	3 KB 3 KB	24ms 20ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/rtbhouseV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Tue, 04 Aug 2020 09:25:10 GMT server AmazonS3 age 57 etag "6a605eea47197fa280f27aaf1fa1521d" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:57:16 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2773 x-amz-cf-id eTZ0GT1wJJV3AiijBn_gDb7yG20hdTaIjXpcX2kp1yeco750a_xInA==
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 1BF3	119 KB 39 KB	54ms 47ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:03 GMT server nginx etag W/"6271101f-1dc01" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:05 GMT
GET H2	200	criteoV2.js Show response cdn.holmesmind.com/js/ Frame 1BF3	2 KB 3 KB	24ms 21ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/criteoV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Tue, 04 Aug 2020 09:25:12 GMT server AmazonS3 age 48 etag "e8f33fcb581483ced4a09b3c8e7550e4" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:57:18 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2443 x-amz-cf-id sB3XASZHmWaYnA5UFUMpae5GeI2d7pwa5G-qwLD5n2Ppv9k9ivRXsQ==
GET H2	200	appierV2.js Show response cdn.holmesmind.com/js/ Frame 1BF3	3 KB 3 KB	25ms 22ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/appierV2.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Thu, 11 Mar 2021 07:54:26 GMT server AmazonS3 age 39 etag "548ed610a8571343fb3022f543174735" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 3177 x-amz-cf-id 8PsRrB_6qCrkgw0jJPWlngQENUlYJw8cROVDCBw9xzPWpuinaJ1w0A==
GET H2	200	appier_mainV3.js Show response cdn.holmesmind.com/js/ Frame 1BF3	3 KB 3 KB	26ms 23ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/appier_mainV3.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 15 Oct 2021 07:41:44 GMT server AmazonS3 age 37 etag "adc35fd9401ac04bdb2a47c466e46174" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 2568 x-amz-cf-id HS2MsazIUWYW8fMqkJZ6StZKuRJE0cn_hopRJxmXupr1aHywoKvdGQ==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 437 B	87ms 33ms	XHR text/plain	2607:f8b0:4004:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=780713007.1652147885&jid=9146711&gjid=1833338590&_gid=658840823.1652147885&_u=IEBAAEAAAAAAAC~&z=940790699 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 10 May 2022 01:58:05 GMT content-type text/plain access-control-allow-origin https://reurl.cc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	currency.json Show response img.scupio.com/js/config/ Frame 9C75	108 B 488 B	20ms 19ms	XHR application/json	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/currency.json Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 87fae947c7f277b6a2df52bfe69ff252729faf4147633aa230193aceeb6f72eb Request headers Referer https://img.scupio.com/html/ad.html?v=1.0.61 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:55:31 GMT via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) last-modified Mon, 09 May 2022 19:15:05 GMT server nginx/1.12.1 age 157 etag "62796839-6c" vary Origin x-cache Hit from cloudfront content-type application/json cache-control max-age=10800 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 108 x-amz-cf-id 7rXBbmMjcbTQkR-AiCpkdtFsxfqt4NFk9Jc9mghpQPQ1MwqA9JJY4Q== expires Tue, 10 May 2022 04:55:28 GMT
GET H/1.1	204 No Content	header Show response hb.aralego.com/ Frame 9C75	0 323 B	185ms 103ms	XHR text/plain	192.96.200.41 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=5e64cfeb-1f95-4390-96c5-98e5c4274cc9&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=06257642-7afc-46b8-8f43-b109e8cfa25e&w=970&h=250 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.96.200.41 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://img.scupio.com Date Tue, 10 May 2022 01:58:05 GMT Access-Control-Allow-Credentials true Connection close
POST H2	204	prebid.aspx Show response prebid.scupio.com/recweb/ Frame 9C75	0 163 B	675ms 223ms	XHR text/html	210.59.219.181 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9391108619796076 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:58:05 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html access-control-allow-origin https://img.scupio.com cache-control private access-control-allow-credentials true
POST H2	204	cdb Show response bidder.criteo.com/ Frame 9C75	0 216 B	82ms 24ms	XHR text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=96856727669 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://img.scupio.com access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	200	prebid.json Show response ad.holmesmind.com/adserver/ Frame 9C75	0 218 B	743ms 286ms	XHR text/html	54.178.238.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.holmesmind.com/adserver/prebid.json?cb=1652147885041&hb=1&ver=1.21 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.178.238.15 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-178-238-15.ap-northeast-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame 9C75	0 176 B	759ms 250ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Tue, 10 May 2022 01:58:05 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame 382B	0 170 B	758ms 251ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/rtbhouseV2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://reurl.cc date Tue, 10 May 2022 01:58:05 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
GET H2	200	currency.json Show response img.scupio.com/js/config/ Frame AB3D	108 B 478 B	20ms 19ms	XHR application/json	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/config/currency.json Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 87fae947c7f277b6a2df52bfe69ff252729faf4147633aa230193aceeb6f72eb Request headers Referer https://img.scupio.com/html/ad.html?v=1.0.61 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:55:31 GMT via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) last-modified Mon, 09 May 2022 19:15:05 GMT server nginx/1.12.1 age 157 etag "62796839-6c" vary Origin x-cache Hit from cloudfront content-type application/json cache-control max-age=10800 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 108 x-amz-cf-id iMKm4H8XNapFE1RAH_m0q49-AvTo6_NQh0lha_996P2adR_tSn556w== expires Tue, 10 May 2022 04:55:28 GMT
GET H3	200	ucfad-formats.css cdn.aralego.net/css/dev/	975 B 881 B	58ms 37ms	Stylesheet text/css	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/css/dev/ucfad-formats.css Requested by Host: agent.aralego.com URL: https://agent.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3417 cf-polished origSize=1191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 16 Mar 2018 07:19:46 GMT server cloudflare etag W/"5aab7012-4a7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnJKz80DTm4Y2Yvrr7fmuOAoCpSB3ZsL5N6S54ou2H4vrsbR2hTP11XRNAYgG8BivxR8GFzQeiTPchJnDDWxCA%2F%2B30yFmgUlKVWaod3km6Mk8ZOH%2FvNAu5lyL2itbrbnyWxOXyjzXtn9zH63VQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 access-control-allow-credentials true cf-ray 708f115a5eafece6-YUL cf-bgj minify
GET H/1.1	204 No Content	ad_request Show response ads.aralego.com/	0 839 B	211ms 129ms	XHR text/plain	199.115.117.82 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fb2gxzv&adid=ad-BE7EA7D3B2339BD4077327D9D4B2DA62&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6470180445666418 Requested by Host: agent.aralego.com URL: https://agent.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:05 GMT Campaign-Id 10 Sourceapp 123456789 nonce 473b1a16-b4ef-43ad-9591-fcf3aefa82a7 Skadnetwork-Id testad.skadnetwork X-Height 90 X-AdStyle banner Signature MEQCIEQlmZRNfYzKBSE8QnhLTIHZZZWCFgZpRqRxHss65KoFAiAJgJKjdrWdkLUOCCjuEx2RmFS7daRzSVZRVZ8RyMyUXg== Connection close X-Width 970 Itunesitem 880047117 Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Allow-Origin https://reurl.cc Access-Control-Expose-Headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal Timestamp 1594406341 Link_Type app X-Adtype html Access-Control-Allow-Credentials true Version 2.0
GET H2	200	1652118273-1c84b1300a427568a2675a2eaecf9179.jpg img.gbyhn.com.tw/2022/05/	68 KB 69 KB	69ms 25ms	Image image/jpeg	2606:4700:3034::6815:6009 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.gbyhn.com.tw/2022/05/1652118273-1c84b1300a427568a2675a2eaecf9179.jpg Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac1d13b16c50509eb3ff6b7f919f69d64dc2538faae6583c97c65b832c11c2b0 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT vary Accept-Encoding cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 25957 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 69476 last-modified Mon, 09 May 2022 17:44:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYjgQ7Gw2CTdrtKOd3DuHfXg4WCyKL4z2DV7wmu7XHxEu6XUkcurgdvIHrEo2ynjdysqHVndoL326oFyfkkSpu0e9VKtdSBnRIQQAziUikbqVZuQJcq2pJ7kfRQbQITT3kOHmLw3OBHnSEY5sutG"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 708f115a9daf4bbf-YUL expires Mon, 16 May 2022 17:45:33 GMT
GET H2	200	S__58269877.jpg i0.wp.com/golike.tw/wp-content/uploads/2022/04/	84 KB 85 KB	60ms 16ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/golike.tw/wp-content/uploads/2022/04/S__58269877.jpg?fit=1024%2C756&ssl=1 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash 15aa3089d4f5ab7809b28e5a70738100120b43b95db8a392288db04db03f3678 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-nc HIT yyz 1 date Tue, 10 May 2022 01:58:05 GMT x-content-type-options nosniff last-modified Sun, 08 May 2022 10:03:44 GMT server nginx etag "2b6adf342ee99913" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://golike.tw/wp-content/uploads/2022/04/S__58269877.jpg>; rel="canonical" content-length 86382 expires Tue, 07 May 2024 22:03:44 GMT
GET H2	200	2022050608550170.jpg img.racingcharger.tw/wp-content/uploads/	139 KB 140 KB	53ms 23ms	Image image/jpeg	2606:4700:3032::6815:43a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.racingcharger.tw/wp-content/uploads/2022050608550170.jpg Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:43a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2b1bba2b1e98b1fc70a18fe787411ca69b3f703599932d8bbe70465a7087fb7 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT cf-cache-status HIT last-modified Fri, 06 May 2022 08:55:07 GMT server cloudflare age 25958 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aapl9DijhgAKYVs50U0WYIImcwVsgwZlszrp0yyhtlhopyeqXwMFtjIU1cTjvsBnYnsiTGIcvjHTu2CSWGfk8g7rUGX8oODM8tY4IhSJTI4ckFrSQUIoXLZ7AasebPwHdQpq%2F5HBGt6d9bi0yRLBmChBlA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=28800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 708f115a8f1f713e-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 142766
GET H2	200	%E5%AF%8C%E9%82%A6-J-Points-%E5%8D%A1%E5%9C%8B%E5%85%A7%E6%B6%88%E8%B2%BB-2-%E5%9B%9E%E9%A5%8B%E7%84%A1%E4%B8%8A%E9%99%90%EF%BC%8C%E4%BF%9D%E8%B2%BB%E5%88%86%E6%9C%9F%E6%A9%98%E5%AD%90%E6%94%AF%E4%... creditcards.com.tw/wp-content/uploads/2021/07/	77 KB 78 KB	169ms 107ms	Image image/webp	192.0.78.244 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://creditcards.com.tw/wp-content/uploads/2021/07/%E5%AF%8C%E9%82%A6-J-Points-%E5%8D%A1%E5%9C%8B%E5%85%A7%E6%B6%88%E8%B2%BB-2-%E5%9B%9E%E9%A5%8B%E7%84%A1%E4%B8%8A%E9%99%90%EF%BC%8C%E4%BF%9D%E8%B2%BB%E5%88%86%E6%9C%9F%E6%A9%98%E5%AD%90%E6%94%AF%E4%BB%98%E7%B9%B3%E8%B2%BB%E4%BA%AB%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 9f6b3db236da81689801fc4fc81c9ec17533844dd6f682cf1956930281f847ee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT x-ac 2.yyz _atomic_dca x-content-type-options nosniff strict-transport-security max-age=31536000 content-length 79330 x-nc HIT bur 6 last-modified Thu, 03 Feb 2022 15:18:57 GMT server nginx etag "91e23ad5e5d18c5b" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * expires Sun, 04 Feb 2024 03:18:57 GMT
GET H2	200	file.png static.wixstatic.com/media/8d2acb_cb660b22f7714eea8d383ad7d04bb8a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/	1 MB 1 MB	50ms 13ms	Image image/png	34.102.176.152 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://static.wixstatic.com/media/8d2acb_cb660b22f7714eea8d383ad7d04bb8a8~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 152.176.102.34.bc.googleusercontent.com Software openresty/1.19.9.1 / Resource Hash 35f6f7b4013e431ba8883512a6ed3179f7e7bde7712bbe5f952853b3fde790be Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 28 Apr 2022 07:30:01 GMT via 1.1 google server openresty/1.19.9.1 age 1016884 content-type image/png access-control-allow-origin * cache-control public, max-age=2592000, immutable content-length 1065173 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" wix-tracer 28PvOHWXmJ4vjQ3igpqe3Imp3v9 x-seen-by image-manipulator-5d686cb9d4-pgnmn
GET H2	200	%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B68.jpg blog.alphaloan.co/wp-content/uploads/2022/04/	166 KB 167 KB	141ms 81ms	Image image/jpeg	192.0.78.236 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://blog.alphaloan.co/wp-content/uploads/2022/04/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B68.jpg Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7fe8b88a61735349a26d7c9224d03eacb1773caa6c678369c0fbf9060299423d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT x-ac 2.yyz _atomic_dca last-modified Mon, 18 Apr 2022 07:25:45 GMT server nginx etag "625d1279-299ab" strict-transport-security max-age=31536000 access-control-allow-methods GET, HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 170411 expires Tue, 17 May 2022 01:58:05 GMT
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame AB3D	0 176 B	685ms 250ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Tue, 10 May 2022 01:58:05 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H2	204	cdb Show response bidder.criteo.com/ Frame AB3D	0 215 B	24ms 24ms	XHR text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=94528776134 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:58:05 GMT server Finatra vary Origin access-control-allow-origin https://img.scupio.com access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	prebid.aspx Show response prebid.scupio.com/recweb/ Frame AB3D	0 27 B	596ms 224ms	XHR text/html	210.59.219.181 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://prebid.scupio.com/recweb/prebid.aspx?cb=0.35385435747119454 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers date Tue, 10 May 2022 01:58:05 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html access-control-allow-origin https://img.scupio.com cache-control private access-control-allow-credentials true
GET H/1.1	204 No Content	header Show response hb.aralego.com/ Frame AB3D	0 323 B	115ms 66ms	XHR text/plain	192.96.200.41 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=5e64cfeb-1f95-4390-96c5-98e5c4274cc9&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=5c59a10e-7f36-4699-ba95-d4da2d77f84d&w=300&h=250 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.96.200.41 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://img.scupio.com Date Tue, 10 May 2022 01:58:05 GMT Access-Control-Allow-Credentials true Connection close
POST H2	200	prebid.json Show response ad.holmesmind.com/adserver/ Frame AB3D	0 218 B	662ms 285ms	XHR text/html	54.178.238.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.holmesmind.com/adserver/prebid.json?cb=1652147885086&hb=1&ver=1.21 Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.178.238.15 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-178-238-15.ap-northeast-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://img.scupio.com date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	87ms 37ms	Image image/gif	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=780713007.1652147885&jid=9146711&_u=IEBAAEAAAAAAAC~&z=507017623 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 501 B	91ms 38ms	Image image/gif	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=780713007.1652147885&jid=9146711&_u=IEBAAEAAAAAAAC~&z=507017623 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 382B Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=p-mi4psbCaCo6XOOrcZ5Yg	2 B 19 B	272ms 253ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=p-mi4psbCaCo6XOOrcZ5Yg Protocol H3 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 Redirect headers date Tue, 10 May 2022 01:58:05 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=p-mi4psbCaCo6XOOrcZ5Yg cache-control no-store access-control-allow-credentials true content-length 0
POST H3	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 382B Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=LzdGJ4k-APegj6bjrcZ5Yg	2 B 19 B	280ms 259ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=LzdGJ4k-APegj6bjrcZ5Yg Protocol H3 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 Redirect headers date Tue, 10 May 2022 01:58:05 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=LzdGJ4k-APegj6bjrcZ5Yg cache-control no-store access-control-allow-credentials true content-length 0
POST H3	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 382B Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=TH9IPZG9CFq-E64_rcZ5Yg	2 B 19 B	287ms 265ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=TH9IPZG9CFq-E64_rcZ5Yg Protocol H3 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 Redirect headers date Tue, 10 May 2022 01:58:05 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=TH9IPZG9CFq-E64_rcZ5Yg cache-control no-store access-control-allow-credentials true content-length 0
POST H2	204	bids Show response prebid-asia.creativecdn.com/bidder/prebid/ Frame 1BF3	0 170 B	675ms 250ms	XHR text/plain	103.132.192.30 RTBHOUSE-AS-AP RT...
General Check archive.org Show headers Download Go to Full URL https://prebid-asia.creativecdn.com/bidder/prebid/bids Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/rtbhouseV2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG), Reverse DNS ip-103-132-192-30.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://reurl.cc date Tue, 10 May 2022 01:58:05 GMT access-control-allow-credentials true access-control-max-age 3600 vary Origin access-control-allow-methods POST
POST H3	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 1BF3 Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=3oiuF2C4ClW6vK0jrsZ5Yg	2 B 19 B	272ms 272ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=3oiuF2C4ClW6vK0jrsZ5Yg Protocol H3 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 Redirect headers date Tue, 10 May 2022 01:58:06 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=3oiuF2C4ClW6vK0jrsZ5Yg cache-control no-store access-control-allow-credentials true content-length 0
POST H3	200	bid Show response ad2.apx.appier.net/v1/prebid/ Frame 1BF3 Redirect Chain https://ad2.apx.appier.net/v1/prebid/bid https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid https://ad2.apx.appier.net/v1/prebid/bid?acid=Qw8FaNIxAa-D8_IWrsZ5Yg	2 B 19 B	194ms 194ms	XHR application/json	34.96.119.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad2.apx.appier.net/v1/prebid/bid?acid=Qw8FaNIxAa-D8_IWrsZ5Yg Protocol H3 Server 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.119.96.34.bc.googleusercontent.com Software nginx/1.19.0 / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT via 1.1 google server nginx/1.19.0 content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-store access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 Redirect headers date Tue, 10 May 2022 01:58:06 GMT server nginx access-control-allow-origin null p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad2.apx.appier.net/v1/prebid/bid?acid=Qw8FaNIxAa-D8_IWrsZ5Yg cache-control no-store access-control-allow-credentials true content-length 0
GET H2	200	native.js Show response s.yimg.com/dy/ads/ Frame BB80	78 KB 30 KB	119ms 41ms	Script application/javascript	2001:4998:14:800::1001 YAHOO
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/dy/ads/native.js Requested by Host: ad.sitemaji.com URL: https://ad.sitemaji.com/native/reurl_passback.js?s=300x250_mobile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:52:28 GMT content-encoding gzip x-content-type-options nosniff age 338 x-amz-server-side-encryption AES256 vary Origin, Accept-Encoding x-amz-request-id T0SWB5JTKWE20DG8 x-amz-id-2 4zKwvm4sTjdTwsgHYxwYDiZxuykQDGxjNwOqLtv3uBC04ZBUmQRgWyYYg7dy5elkCXXBdhBT3IQ= referrer-policy no-referrer-when-downgrade last-modified Tue, 08 Feb 2022 12:02:57 GMT server ATS etag "7e002e241fddeeb8dd76383206c47a3d-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=600 accept-ranges bytes
GET H2	200	native.js Show response s.yimg.com/dy/ads/ Frame 821F	78 KB 29 KB	162ms 87ms	Script application/javascript	2001:4998:14:800::1001 YAHOO
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/dy/ads/native.js Requested by Host: ad.sitemaji.com URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US), Reverse DNS Software ATS / Resource Hash a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:52:28 GMT content-encoding gzip x-content-type-options nosniff age 338 x-amz-server-side-encryption AES256 vary Origin, Accept-Encoding x-amz-request-id T0SWB5JTKWE20DG8 x-amz-id-2 4zKwvm4sTjdTwsgHYxwYDiZxuykQDGxjNwOqLtv3uBC04ZBUmQRgWyYYg7dy5elkCXXBdhBT3IQ= referrer-policy no-referrer-when-downgrade last-modified Tue, 08 Feb 2022 12:02:57 GMT server ATS etag "7e002e241fddeeb8dd76383206c47a3d-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=600 accept-ranges bytes
POST H2	204	cdb Show response bidder.criteo.com/ Frame 1BF3	0 209 B	25ms 23ms	XHR text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=79047674795 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 10 May 2022 01:58:05 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	cdb Show response bidder.criteo.com/ Frame 1BF3	0 209 B	24ms 24ms	XHR text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=14669857472 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
POST H2	204	cdb Show response bidder.criteo.com/ Frame 382B	0 209 B	24ms 23ms	XHR text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=64278942095 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H2	200	landing.php Show response fp.holmesmind.com/ Frame 16FE	0 82 B	248ms 194ms	Document text/html	34.117.219.39 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5407-CImtgz5l6lYBM2mf9CUr6Vh6oznGp5B4&CFFPCKUUID=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&maindomain=reurl.cc Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 39.219.117.34.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-headers x-requested-with,content-type access-control-allow-methods * access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:05 GMT server nginx/1.20.0 vary Accept-Encoding via 1.1 google
GET H2	200	utag.js Show response t.ssp.hinet.net/ Frame 382B	4 KB 2 KB	288ms 201ms	Script application/javascript	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/utag.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Wed, 23 Feb 2022 08:43:40 GMT server nginx etag W/"6215f3bc-11a3" vary Accept-Encoding content-type application/javascript cache-control max-age=600 strict-transport-security max-age=0 expires Tue, 10 May 2022 02:08:05 GMT
GET H2	200	landing.php Show response fp.holmesmind.com/ Frame 4387	0 249 B	208ms 194ms	Document text/html	34.117.219.39 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5407-CImtgz5l6lYBM2mf9CUr6Vh6oznGp5B4&CFFPCKUUID=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&maindomain=reurl.cc Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 39.219.117.34.bc.googleusercontent.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-headers x-requested-with,content-type access-control-allow-methods * access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:05 GMT server nginx/1.20.0 vary Accept-Encoding via 1.1 google
GET H2	200	utag.js Show response t.ssp.hinet.net/ Frame 1BF3	4 KB 2 KB	249ms 201ms	Script application/javascript	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/utag.js Requested by Host: cdn.holmesmind.com URL: https://cdn.holmesmind.com/js/presetfn.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Wed, 23 Feb 2022 08:43:40 GMT server nginx etag W/"6215f3bc-11a3" vary Accept-Encoding content-type application/javascript cache-control max-age=600 strict-transport-security max-age=0 expires Tue, 10 May 2022 02:08:05 GMT
POST H2	204	events bidder.criteo.com/csm/ Frame 1BF3	0 209 B	27ms 23ms	Ping text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H2	200	pixel.gif static.criteo.net/images/ Frame 1BF3	43 B 365 B	31ms 26ms	Image image/gif	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=1 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" strict-transport-security max-age=31536000; preload; content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 05 May 2023 01:58:05 GMT
GET H2	200	pixel.gif static.criteo.net/images/ Frame 1BF3	43 B 365 B	27ms 22ms	Image image/gif	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=2 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" strict-transport-security max-age=31536000; preload; content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 05 May 2023 01:58:05 GMT
POST H2	204	events bidder.criteo.com/csm/ Frame 1BF3	0 209 B	29ms 24ms	Ping text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H2	200	pixel.gif static.criteo.net/images/ Frame 382B	43 B 365 B	26ms 23ms	Image image/gif	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=1 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" strict-transport-security max-age=31536000; preload; content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 05 May 2023 01:58:05 GMT
GET H2	200	pixel.gif static.criteo.net/images/ Frame 382B	43 B 365 B	31ms 29ms	Image image/gif	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/images/pixel.gif?ch=2 Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT last-modified Tue, 09 Dec 2008 16:52:36 GMT server nginx cross-origin-embedder-policy require-corp etag "493ea254-2b" strict-transport-security max-age=31536000; preload; content-type image/gif access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 05 May 2023 01:58:05 GMT
POST H2	204	events bidder.criteo.com/csm/ Frame 382B	0 209 B	25ms 24ms	Ping text/plain	74.119.119.129 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/csm/events Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.129 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS bidder.va1.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 10 May 2022 01:58:04 GMT server Finatra vary Origin access-control-allow-origin https://reurl.cc access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin *
GET H2	200	getAds.do Show response ads.yap.yahoo.com/nosdk/wj/v1/ Frame BB80	298 B 485 B	94ms 37ms	Script application/javascript	74.6.138.64 YAHOO-BF1
General Check archive.org Show headers Download Go to Full URL https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=1fffcdb4-48e0-4bda-b4bd-835f894c1a14&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2Fb2gxzv&caps=16&cb=jsonpCallback0 Requested by Host: s.yimg.com URL: https://s.yimg.com/dy/ads/native.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US), Reverse DNS media-router-flurry71.prod.media.vip.bf1.yahoo.com Software ATS / Resource Hash e1bf03d4218f9d45f25ffaa10571bb9a8513954bf8cf18f29516b96549158405 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Accept-Encoding, User-Agent content-type application/javascript; charset=UTF-8 strict-transport-security max-age=31536000
GET H2	200	b geo.yahoo.com/ Frame BB80	43 B 446 B	72ms 24ms	Image image/gif	2001:4998:124:1507::3000 YAHOO-BF1
General Check archive.org Show headers Download Go to Show image Full URL https://geo.yahoo.com/b?t=xhkd7&9sdk8454 Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:124:1507::3000 Lockport, United States, ASN26101 (YAHOO-BF1, US), Reverse DNS Software ATS / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 p3p policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" cache-control no-cache, no-store, private x-envoy-upstream-service-time 0 content-type image/gif content-length 43
GET H2	200	b geo.yahoo.com/ Frame 821F	43 B 73 B	56ms 24ms	Image image/gif	2001:4998:124:1507::3000 YAHOO-BF1
General Check archive.org Show headers Download Go to Show image Full URL https://geo.yahoo.com/b?t=xhkd7&9sdk8454 Requested by Host: s.yimg.com URL: https://s.yimg.com/dy/ads/native.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4998:124:1507::3000 Lockport, United States, ASN26101 (YAHOO-BF1, US), Reverse DNS Software ATS / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 p3p policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" cache-control no-cache, no-store, private x-envoy-upstream-service-time 0 content-type image/gif content-length 43
GET H2	200	getAds.do Show response ads.yap.yahoo.com/nosdk/wj/v1/ Frame 821F	290 B 299 B	83ms 42ms	Script application/javascript	74.6.138.64 YAHOO-BF1
General Check archive.org Show headers Download Go to Full URL https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2Fb2gxzv&caps=16&cb=jsonpCallback0 Requested by Host: s.yimg.com URL: https://s.yimg.com/dy/ads/native.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US), Reverse DNS media-router-flurry71.prod.media.vip.bf1.yahoo.com Software ATS / Resource Hash f7a8e9ba173126956cea416f7d8039002d47e39abd29f782ac164884ed216c5e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Accept-Encoding, User-Agent content-type application/javascript; charset=UTF-8 strict-transport-security max-age=31536000
GET H2	200	/ Show response t.ssp.hinet.net/ Frame FA34	37 B 409 B	203ms 203ms	XHR text/html	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/ Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 179d4cfb1da9b1aefc12c154e5f02ed157ad4d55476748089552f45a5a1612e6 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://cdn.holmesmind.com cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	/ Show response t.ssp.hinet.net/ Frame 382B	37 B 402 B	204ms 204ms	XHR text/html	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/ Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 8851e4e83cd41a68c8855a31d1aef297a31b84a48245dc7e0b29f796211bd103 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	/ Show response t.ssp.hinet.net/ Frame 1BF3	37 B 400 B	204ms 204ms	XHR text/html	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/ Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 7a4eb3e1c79f232839a1055985b47ce6ec2a82c448a0217ae8a0465657fe2f3f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type text/html; charset=UTF-8 access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	emome2 Show response t.ssp.hinet.net/ Frame FA34	30 B 278 B	203ms 203ms	XHR application/json	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/emome2?u=aec60ae3-b5a8-48e6-a318-35befc96e043 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.holmesmind.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://cdn.holmesmind.com cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	emome2 Show response t.ssp.hinet.net/ Frame 382B	30 B 271 B	203ms 203ms	XHR application/json	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/emome2?u=e7962599-79e0-4d45-844e-eb759c08f9d1 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	emome2 Show response t.ssp.hinet.net/ Frame 1BF3	30 B 271 B	203ms 202ms	XHR application/json	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/emome2?u=e7962599-79e0-4d45-844e-eb759c08f9d1 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash 365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip server nginx vary Accept-Encoding, Origin content-type application/json access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	drawV2.js Show response cdn.holmesmind.com/js/ Frame 1BF3	10 KB 10 KB	29ms 29ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/drawV2.js Requested by Host: ad.holmesmind.com URL: https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2Fb2gxzv&n=397&o=1&d=1&b=2&ts=1&ii=3&FPCK=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&initver=210830P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 16 Oct 2020 09:58:46 GMT server AmazonS3 age 37 etag "84d8b1a745228113e60f5e62f0eff6d3" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 10359 x-amz-cf-id Dup2UL4oZtxUmkCom35j4qyqQbFopFV4BDFsN5C5kfQsywZ_71KYYA==
GET H2	200	drawV2.js Show response cdn.holmesmind.com/js/ Frame 382B	10 KB 10 KB	19ms 19ms	Script application/javascript	2600:9000:21ec:5600:0:e06c:e940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.holmesmind.com/js/drawV2.js Requested by Host: ad.holmesmind.com URL: https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2Fb2gxzv&n=328&o=1&d=1&b=2&ts=1&ii=3&FPCK=2565-USsUMMEn5JATCYV0Lv9VXmk5drxNMZQr&initver=210830P Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:5600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-version-id null via 1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront) last-modified Fri, 16 Oct 2020 09:58:46 GMT server AmazonS3 age 37 etag "84d8b1a745228113e60f5e62f0eff6d3" x-cache Hit from cloudfront content-type application/javascript date Tue, 10 May 2022 01:58:05 GMT x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 10359 x-amz-cf-id j1kTCTHeKTEC7z6wxBzzdjO_XAJ-TCJtmxMzpRQo6x5_LLL3AlJt4A==
GET H2	200	adsbyscupio.js Show response img.scupio.com/js/ Frame 9AD1	4 KB 2 KB	59ms 58ms	Script application/javascript	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/adsbyscupio.js?v=1.0.2 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Mon, 19 Apr 2021 03:30:31 GMT server nginx/1.12.1 age 3 etag W/"607cf957-11ab" vary Origin x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) cache-control max-age=10800 x-amz-cf-pop JFK51-C1 x-amz-cf-id zNN1CQVGQSD7aVMlsM7xFeqJ1-f2wWemfQ1vWQltNs9zLf_2GMFCsA== expires Tue, 10 May 2022 04:58:02 GMT
POST H/1.1	200 OK	bidinfo.aspx Show response bw.scupio.com/adpinline/ Frame 9C75	2 KB 2 KB	1040ms 211ms	XHR application/javascript	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.19033015245922913 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 0d69d807e5c74d2c9ace16e283c04a201ce9aa8c69ab281a7d195de0b560f3a2 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 10 May 2022 01:58:06 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://img.scupio.com Cache-Control private Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Content-Length 1477
GET H2	200	adsbyscupio.js Show response img.scupio.com/js/ Frame F61B	4 KB 2 KB	54ms 54ms	Script application/javascript	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/js/adsbyscupio.js?v=1.0.2 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip last-modified Mon, 19 Apr 2021 03:30:31 GMT server nginx/1.12.1 age 3 etag W/"607cf957-11ab" vary Origin x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) cache-control max-age=10800 x-amz-cf-pop JFK51-C1 x-amz-cf-id yfKrJn2WrdYqyKWX-D_H3lQ_3_GsZOaNRfyX-dAd3P1WZ3Il5EW2ZQ== expires Tue, 10 May 2022 04:58:02 GMT
POST H/1.1	200 OK	bidinfo.aspx Show response bw.scupio.com/adpinline/ Frame AB3D	2 KB 2 KB	1099ms 221ms	XHR application/javascript	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.19162988851215257 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 9f9cee99c8aa30bbec4b9654d77e49de26e71f6de387f7e07cf866e513b31c32 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://img.scupio.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 10 May 2022 01:58:05 GMT Content-Encoding gzip Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Access-Control-Allow-Origin https://img.scupio.com Cache-Control private Access-Control-Allow-Credentials true Content-Type application/javascript; charset=utf-8 Content-Length 1476
GET H2	200	syncframe Show response gum.criteo.com/ Frame D3BD	14 KB 6 KB	75ms 26ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 2911d85b6fd16bcfa2818eda2ad8130a8f1c64355c27158832d8d67361b1d927 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5882 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:05 GMT server-processing-duration-in-ticks 2292 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET DATA	200 OK	truncated / Frame AB3D	762 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9C75	762 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	300x250.png img.scupio.com/img/2011_gym/ Frame F61B	47 KB 48 KB	52ms 51ms	Image image/png	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.scupio.com/img/2011_gym/300x250.png Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:05 GMT via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) last-modified Mon, 19 Apr 2021 03:31:40 GMT server nginx/1.12.1 age 6 etag "607cf99c-bcf6" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 48374 x-amz-cf-id aJ45XjT8P5PjFSlfwN5hFJChEyL4nOgFUUn0lXkEEN7sNzSA1CNhEQ== expires Wed, 10 May 2023 01:57:59 GMT
GET H2	200	970x250.png img.scupio.com/img/2011_gym/ Frame 9AD1	86 KB 86 KB	18ms 18ms	Image image/png	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.scupio.com/img/2011_gym/970x250.png Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/html/ad.html?v=1.0.61 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:57:19 GMT via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) last-modified Mon, 19 Apr 2021 03:31:40 GMT server nginx/1.12.1 age 364 etag "607cf99c-156c7" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop JFK51-C1 accept-ranges bytes content-length 87751 x-amz-cf-id 2Bw4Vq4jjuwqRqi-2Gn4HV1vrGZ8CSVBuuskeYLjmCm8j9E1E7BrBg== expires Wed, 10 May 2023 01:52:01 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame D3BD Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0 https://mug.criteo.com/sid?cpp=GkyESnxPWkhXK29EU3N6dFRmQSsrTkY2NjkxL1VaMlJDU3U4MmdJM3FzL29ibHBuR1JhT1l2SkVScjNpd0FObUlFSnBKcVcweW1DQzZkajhBWW91QzJ1OU5RWkdPRHBoWnNuL0ZERVU4R3kzTmREdFdZRHpOc1kwNHRsd0...	431 B 627 B	91ms 28ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=GkyESnxPWkhXK29EU3N6dFRmQSsrTkY2NjkxL1VaMlJDU3U4MmdJM3FzL29ibHBuR1JhT1l2SkVScjNpd0FObUlFSnBKcVcweW1DQzZkajhBWW91QzJ1OU5RWkdPRHBoWnNuL0ZERVU4R3kzTmREdFdZRHpOc1kwNHRsd0ZmTHg4TVpmL0xLd3VqajM4RTgxQU9BaGdVR1lGTXBEZTEyVU9ZUUZPa0NaSllqSnRtWGMycDFHRTBhRjVaaWNRVDdPVGhVR3F2NWlPdk9peWZzV1RKSS9LdGkvNkN0bEIrRk9IQzlwTlpPbUhzTU1iQzdwTE0ybUN3RUdxSk1raVIrYklaemdpRVU3cUFkK2tQbHgwWG5QNm5YODFqQT09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 15f865e0b7bec8feeed3be5ca44d9631128ca12242427bf48f0b85361dbd0053 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 6519 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=GkyESnxPWkhXK29EU3N6dFRmQSsrTkY2NjkxL1VaMlJDU3U4MmdJM3FzL29ibHBuR1JhT1l2SkVScjNpd0FObUlFSnBKcVcweW1DQzZkajhBWW91QzJ1OU5RWkdPRHBoWnNuL0ZERVU4R3kzTmREdFdZRHpOc1kwNHRsd0ZmTHg4TVpmL0xLd3VqajM4RTgxQU9BaGdVR1lGTXBEZTEyVU9ZUUZPa0NaSllqSnRtWGMycDFHRTBhRjVaaWNRVDdPVGhVR3F2NWlPdk9peWZzV1RKSS9LdGkvNkN0bEIrRk9IQzlwTlpPbUhzTU1iQzdwTE0ybUN3RUdxSk1raVIrYklaemdpRVU3cUFkK2tQbHgwWG5QNm5YODFqQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1599 content-length 541 expires 0
GET H2	200	cm Show response t.ssp.hinet.net/ Frame 382B	0 187 B	207ms 206ms	XHR image/png	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/cm?c=50ef57&cid=5407-CImtgz5l6lYBM2mf9CUr6Vh6oznGp5B4&mp=e7962599-79e0-4d45-844e-eb759c08f9d1 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT server nginx vary Origin content-type image/png access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	pixel e7962599-79e0-4d45-844e-eb759c08f9d1.t.ssp.hinet.net/ Frame 382B	0 80 B	1096ms 200ms	Image image/png	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL https://e7962599-79e0-4d45-844e-eb759c08f9d1.t.ssp.hinet.net/pixel?bd=e7962599-79e0-4d45-844e-eb759c08f9d1&t=50ef57 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT server nginx content-length 0 strict-transport-security max-age=0 content-type image/png
GET H2	200	pixel e7962599-79e0-4d45-844e-eb759c08f9d1.t.ssp.hinet.net/ Frame 1BF3	0 79 B	1096ms 201ms	Image image/png	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL https://e7962599-79e0-4d45-844e-eb759c08f9d1.t.ssp.hinet.net/pixel?bd=e7962599-79e0-4d45-844e-eb759c08f9d1&t=50ef57 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT server nginx content-length 0 strict-transport-security max-age=0 content-type image/png
GET H2	200	cm Show response t.ssp.hinet.net/ Frame 1BF3	0 187 B	203ms 203ms	XHR image/png	203.75.214.136 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://t.ssp.hinet.net/cm?c=50ef57&cid=5407-CImtgz5l6lYBM2mf9CUr6Vh6oznGp5B4&mp=e7962599-79e0-4d45-844e-eb759c08f9d1 Requested by Host: t.ssp.hinet.net URL: https://t.ssp.hinet.net/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 203-75-214-136.hinet-ip.hinet.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT server nginx vary Origin content-type image/png access-control-allow-origin https://reurl.cc cache-control no-cache, private access-control-allow-credentials true strict-transport-security max-age=0
GET H2	200	syncframe Show response gum.criteo.com/ Frame C721	14 KB 6 KB	27ms 27ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 2911d85b6fd16bcfa2818eda2ad8130a8f1c64355c27158832d8d67361b1d927 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5882 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:05 GMT server-processing-duration-in-ticks 5975 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame C721 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=Aum0319uT1hhTFk4WlVQdXdiRzc0OFclMkZVRnk1a0RRdFVBeHo4RCUyRmJzdlhaZXFQbmJvemw0Zm4wWF... https://mug.criteo.com/sid?cpp=-fPyC3xaN0FuMTJ5eHlIZmFNaTl4Ym02SVFPKzNEckhhVnhENE1tTGMxYXk0UG1KVHdSVXc0TllMWEZ1K0NQK2gwZU9tN1NWSzIwQis1RGUyK1JzTzJLbm01Q1Y3V2RyTFkxYkgvOTMrNXBwckIyNjlBdzc5REgzWGZTMU...	436 B 635 B	26ms 26ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=-fPyC3xaN0FuMTJ5eHlIZmFNaTl4Ym02SVFPKzNEckhhVnhENE1tTGMxYXk0UG1KVHdSVXc0TllMWEZ1K0NQK2gwZU9tN1NWSzIwQis1RGUyK1JzTzJLbm01Q1Y3V2RyTFkxYkgvOTMrNXBwckIyNjlBdzc5REgzWGZTMURidllYeHRZRVZiMDdyUjZITFh3T2pXSGwwejlwS1UrVHV3Y0ExM1ZVSGoxbG5uVVlpaC9xV0JQNXcvNU5XSWtTN1gwbWZuU1pvbFJvUjRvaVpncUtUaGRQQ1NJVnJNRmUwcXcvcXcvQ29MNC9CbVdqWVZISGpKbXBGbDRrbkVKN3ZIUE1JNlRyUjB2cjY4c21sL2tNK0gxcmlOdnNPdz09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 2ca83af2babb495a5eca80cdbc9162b9a30d10f4292f00da210a25b013676d4b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 4007 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=-fPyC3xaN0FuMTJ5eHlIZmFNaTl4Ym02SVFPKzNEckhhVnhENE1tTGMxYXk0UG1KVHdSVXc0TllMWEZ1K0NQK2gwZU9tN1NWSzIwQis1RGUyK1JzTzJLbm01Q1Y3V2RyTFkxYkgvOTMrNXBwckIyNjlBdzc5REgzWGZTMURidllYeHRZRVZiMDdyUjZITFh3T2pXSGwwejlwS1UrVHV3Y0ExM1ZVSGoxbG5uVVlpaC9xV0JQNXcvNU5XSWtTN1gwbWZuU1pvbFJvUjRvaVpncUtUaGRQQ1NJVnJNRmUwcXcvcXcvQ29MNC9CbVdqWVZISGpKbXBGbDRrbkVKN3ZIUE1JNlRyUjB2cjY4c21sL2tNK0gxcmlOdnNPdz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1790 content-length 541 expires 0
GET H3	200	sdk Show response cdn.aralego.net/ucfad/sdk/us-east/ Frame 5D93 Redirect Chain https://ads.aralego.com/sdk https://cdn.aralego.net/ucfad/sdk/us-east/sdk	42 KB 43 KB	21ms 21ms	Script application/octet-stream	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/sdk/us-east/sdk Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H3 Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3509 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43274 last-modified Thu, 10 Feb 2022 09:21:22 GMT server cloudflare etag "6204d912-a90a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e1ofLTDfPUqdZP%2FkRlPx0jknMUoqdPEkgY0xadcEY0ocJWiJ1d0izeQLB66EFuctN2osXkZ1K2KVGw%2BWN5AlefHbe2wDZ2%2B1%2FFt3ibn%2F46QtJKGMNeV7o3vNx%2Ba%2BMZsKW6r3ZrqQ5FcGJL9rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 708f1162e98fece6-YUL Redirect headers Location https://cdn.aralego.net/ucfad/sdk/us-east/sdk Connection close Content-length 0
GET H3	200	sdk Show response cdn.aralego.net/ucfad/sdk/us-east/ Frame F38E Redirect Chain https://ads.aralego.com/sdk https://cdn.aralego.net/ucfad/sdk/us-east/sdk	42 KB 43 KB	33ms 33ms	Script application/octet-stream	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/sdk/us-east/sdk Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H3 Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3509 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43274 last-modified Thu, 10 Feb 2022 09:21:22 GMT server cloudflare etag "6204d912-a90a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P75SBj3t%2FvfaqGUWVCIXer9DrQQ1WXykZ5vAMHf1cpk85ym66Vg6Y%2FhdYqhDs4DWzHzQyjxAdqz2pe28QaKwC1TPimOmha2GP73dBO0GCA5F9srlco8qEjOQ39iotPf0rXCpuXV6sLZIYd2puQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 708f1162f99fece6-YUL Redirect headers Location https://cdn.aralego.net/ucfad/sdk/us-east/sdk Connection close Content-length 0
GET H3	200	ucfad-formats.css cdn.aralego.net/css/dev/ Frame 5D93	975 B 850 B	19ms 19ms	Stylesheet text/css	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/css/dev/ucfad-formats.css Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3418 cf-polished origSize=1191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 16 Mar 2018 07:19:46 GMT server cloudflare etag W/"5aab7012-4a7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xoM5%2FIZ620xJ550g7SS6b6Fcsok%2BTsstsXbP1oX7t%2Fq5SSiH%2B%2FctTCiktmsAhrLLgGW%2FlcVYDNF810x%2BDkb3MMjfUyVqVagoVFnVM3XXMWAFDmlEe0dZ1n2A4%2FKZXF2h8DsoliK6vwyMRa9OQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 access-control-allow-credentials true cf-ray 708f116339d8ece6-YUL cf-bgj minify
GET H/1.1	200 OK	idRequest Show response sync.aralego.com/ Frame 5D93	46 B 486 B	109ms 28ms	XHR text/html	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash d65d17fb8c4ad0c85ecb2aa4bbb65ae9931ca1c3db2fc465254a5486867f531e Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://reurl.cc access-control-allow-credentials true connection close content-length 46
GET H/1.1	200 OK	ad_request Show response ads.aralego.com/ Frame 5D93	673 B 1 KB	114ms 68ms	XHR text/html	199.115.117.82 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fb2gxzv&adid=ad-772836EB4BD79D3B0B3BA843D8A2AE49&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.42422518950405785&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=970%2C90%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22 Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash f53c1d1dcbfc59e060372cdd4e43913c5f0d08bb6ed01103c543c005aa9c502f Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:06 GMT X-Width 970 X-Height 90 Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://reurl.cc Access-Control-Expose-Headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal X-AdSource PSA X-SspId 1a15aba0-ecb2-3880-bb86-46778f42e26a Connection close Access-Control-Allow-Credentials true Content-Length 673 X-AdStyle banner X-Adtype html
GET H3	200	ucfad-formats.css cdn.aralego.net/css/dev/ Frame F38E	975 B 849 B	54ms 54ms	Stylesheet text/css	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/css/dev/ucfad-formats.css Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3418 cf-polished origSize=1191 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 16 Mar 2018 07:19:46 GMT server cloudflare etag W/"5aab7012-4a7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDLz2P4X1VYXzBa%2Bk0REDSwH77gbqR%2Fca%2B%2F56tecr7CC4mtrLxefNBPmCa5SV5gT3eWpBa58Gzvqmiom6S8Dc%2FrzzoXEWwRxK1pXeKPg3edMa%2BSR3cmPDEPfJmHIWUU3ejOGd24VSrNgk6YC1Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 access-control-allow-credentials true cf-ray 708f11636a75ece6-YUL cf-bgj minify
GET H/1.1	200 OK	idRequest Show response sync.aralego.com/ Frame F38E	46 B 486 B	97ms 24ms	XHR text/html	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash d65d17fb8c4ad0c85ecb2aa4bbb65ae9931ca1c3db2fc465254a5486867f531e Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://reurl.cc access-control-allow-credentials true connection close content-length 46
GET H/1.1	200 OK	ad_request Show response ads.aralego.com/ Frame F38E	655 B 1 KB	109ms 63ms	XHR text/html	199.115.117.82 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2Fb2gxzv&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3425565198564493&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22 Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 796662179cf7f2caab1ae351edb00ae3a412ae3a9004011f53cbb24833a9bb83 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:06 GMT X-Width 300 X-Height 250 Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://reurl.cc Access-Control-Expose-Headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal X-AdSource PSA X-SspId 1a15aba0-ecb2-3880-bb86-46778f42e26a Connection close Access-Control-Allow-Credentials true Content-Length 655 X-AdStyle banner X-Adtype html
GET H2	200	publishertag.prebid.117.js Show response static.criteo.net/js/ld/ Frame 9C75	87 KB 28 KB	32ms 31ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.117.js Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-15c19" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:06 GMT
GET H3	200	cookieSyncIframe.html Show response cdn.aralego.net/ucfad/cookie/ Frame 7F72	714 B 845 B	21ms 21ms	Document text/html	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true age 4479 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400 cf-cache-status HIT cf-ray 708f1163faeaece6-YUL content-encoding br content-type text/html date Tue, 10 May 2022 01:58:06 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 09 Feb 2022 05:59:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBsBWZ3d7VkHR1JzIs7%2BqrZgf3BBQXFM8bgF0NUHbxuoqOYKj%2BPgw33wJT60t79xG%2BdiuE0K05WcZuogxHa1awEVkkw7n%2FYJelaHK%2BH99n0B9FuApV%2B7iSF8xmW9yPkpjiwSoER%2Bv53ENb2Jfw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	idsync sync.aralego.com/ Frame 5D93	35 B 384 B	75ms 27ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT connection close content-length 35 content-type image/gif
GET H3	200	cookieSyncIframe.html Show response cdn.aralego.net/ucfad/cookie/ Frame DAA5	714 B 845 B	20ms 20ms	Document text/html	2606:4700:20::ac43:47fe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true age 4479 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=14400 cf-cache-status HIT cf-ray 708f1163faf1ece6-YUL content-encoding br content-type text/html date Tue, 10 May 2022 01:58:06 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 09 Feb 2022 05:59:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkgrGMX6%2B%2BmEnJ8LL%2Bz%2BpyTZqDtqj%2BcMthEr9fWo3KLvYqjBPuSTUosh8JzCzdi8ShVo8Di%2FE4dn3WvEDpa4ttjLLR60ZJ4mc8bWsbKzQimfOkJYlOKZmquhTosAJPJIcLrK9ZasM8yLH%2BeT6A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	idsync sync.aralego.com/ Frame F38E	35 B 384 B	75ms 27ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT connection close content-length 35 content-type image/gif
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 046D	156 KB 55 KB	93ms 47ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2473403521176190 Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a5d723199f430d93480c2d2f636020f168e2aab889d570ea7393339336257d43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Origin https://reurl.cc accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55866 x-xss-protection 0 server cafe etag 18048846669702644291 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1442	156 KB 55 KB	113ms 78ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2473403521176190 Requested by Host: ads.aralego.com URL: https://ads.aralego.com/sdk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9e1c603cd8e8d12b85a34e6dc5d5aa9f75c16f59ef49634f5ddeaf08b813e99d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Origin https://reurl.cc accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55858 x-xss-protection 0 server cafe etag 10458473072568048514 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 7F72	80 KB 28 KB	108ms 51ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.aralego.net URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 30db5800cfd18e7cc61fd490a6d150608e3e24b35840c223e0d1288971477794 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28357 x-xss-protection 0 server sffe etag "1210 / 137 of 1000 / last-modified: 1652133895" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame DAA5	80 KB 28 KB	149ms 96ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.aralego.net URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 30db5800cfd18e7cc61fd490a6d150608e3e24b35840c223e0d1288971477794 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28357 x-xss-protection 0 server sffe etag "1210 / 533 of 1000 / last-modified: 1652133895" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 7756	14 KB 6 KB	27ms 27ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 2911d85b6fd16bcfa2818eda2ad8130a8f1c64355c27158832d8d67361b1d927 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5882 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:06 GMT server-processing-duration-in-ticks 4739 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 9C75	87 KB 28 KB	72ms 25ms	XHR text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:00 GMT server nginx etag W/"6271101c-15b58" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:06 GMT
GET H2	200	publishertag.prebid.117.js Show response static.criteo.net/js/ld/ Frame AB3D	87 KB 28 KB	49ms 49ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.117.js Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-15c19" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:06 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 7756 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0 https://mug.criteo.com/sid?cpp=k4YQS3xlK2FCYTZjNXVRQ2dwY1NuMytRZUFBU2FKVlJiUStDbDF4YkpWZmtITHFuNjVPMGJMcGRSTS9JeURiVHhIYm56WmZsek05b0c4NjhSOEJQU0NpRHhweVJCNkdDTXJyZE5zZ1Z4V3lQK2VzT2hoa2JGU1VZVE5CcG...	435 B 631 B	26ms 26ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=k4YQS3xlK2FCYTZjNXVRQ2dwY1NuMytRZUFBU2FKVlJiUStDbDF4YkpWZmtITHFuNjVPMGJMcGRSTS9JeURiVHhIYm56WmZsek05b0c4NjhSOEJQU0NpRHhweVJCNkdDTXJyZE5zZ1Z4V3lQK2VzT2hoa2JGU1VZVE5CcG8rTUtxOHZka1kyeldxSWRPa2ZJaldLWlk0Mzg0UER4Z1dJeDlDd1BxTEJNcjJtUnlBb0tsRnhIOVdqZWF2QklxOE5LRXVUQTBjM1dlY1RJNEszbnMwQ283NUEyQ0ZQcmNpZ2I5RFgrZkZua1Uyblc0dmRxVXV2dmV6M0phNWZpUGJHcUl6SzhENlJ6Y1Rrd3dFRDRFcW9PMzluVEJRbnhOdTVkZlhXUUtDUm1RN2JhYTVpaz18&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 327f475042b336c4fa6e9190f7d675bc49c50b4e57d44aefa037b61f32c425d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:05 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3910 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:06 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=k4YQS3xlK2FCYTZjNXVRQ2dwY1NuMytRZUFBU2FKVlJiUStDbDF4YkpWZmtITHFuNjVPMGJMcGRSTS9JeURiVHhIYm56WmZsek05b0c4NjhSOEJQU0NpRHhweVJCNkdDTXJyZE5zZ1Z4V3lQK2VzT2hoa2JGU1VZVE5CcG8rTUtxOHZka1kyeldxSWRPa2ZJaldLWlk0Mzg0UER4Z1dJeDlDd1BxTEJNcjJtUnlBb0tsRnhIOVdqZWF2QklxOE5LRXVUQTBjM1dlY1RJNEszbnMwQ283NUEyQ0ZQcmNpZ2I5RFgrZkZua1Uyblc0dmRxVXV2dmV6M0phNWZpUGJHcUl6SzhENlJ6Y1Rrd3dFRDRFcW9PMzluVEJRbnhOdTVkZlhXUUtDUm1RN2JhYTVpaz18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1696 content-length 567 expires 0
GET H2	200	syncframe Show response gum.criteo.com/ Frame F9E4	14 KB 6 KB	27ms 26ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 2911d85b6fd16bcfa2818eda2ad8130a8f1c64355c27158832d8d67361b1d927 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://img.scupio.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-length 5882 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:06 GMT server-processing-duration-in-ticks 4341 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame AB3D	87 KB 28 KB	26ms 25ms	XHR text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip last-modified Tue, 03 May 2022 11:21:00 GMT server nginx etag W/"6271101c-15b58" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 11 May 2022 01:58:06 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/ Frame 046D	304 KB 109 KB	97ms 56ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2473403521176190 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9077b0f01f18dcc2dc4fbea77368c52e7156e65873459aa957af2e7580133651 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111214 x-xss-protection 0 server cafe etag 9773600210847187776 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220505/r20190131/ Frame C8E3	10 KB 5 KB	69ms 20ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220505/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2473403521176190 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 33455 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4421 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 09 May 2022 16:40:31 GMT etag 1428802124239944296 expires Mon, 23 May 2022 16:40:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_2022050501.js Show response securepubads.g.doubleclick.net/gpt/ Frame 7F72	368 KB 125 KB	63ms 21ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 10:31:45 GMT content-encoding gzip x-content-type-options nosniff age 401181 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127685 x-xss-protection 0 last-modified Thu, 05 May 2022 08:34:36 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 05 May 2023 10:31:45 GMT
GET H3	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/ Frame 1442	308 KB 110 KB	63ms 63ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2473403521176190 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5174cb805daa9136fc1ecb788a36a715281de926c00d7eea148237a2ec5636c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112611 x-xss-protection 0 server cafe etag 3654091394960878184 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Tue, 10 May 2022 01:58:06 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame F9E4 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0 https://mug.criteo.com/sid?cpp=9xHz9nw5ME8rRlhmRVU5K2xiWEk3dzdPbzlUMVhtMVNETUg1M1BQazhlUHNoUzhQOGF2a0RxOVgxQlJMM1lRcHUzSUNRNnlCSkxJcHczQTAzV3JkWWJhb2RuaVpqTnF4cm1NbWhiUmQ2T3U4ZXJjK0tBYzQwVFAvYnp4dH...	438 B 633 B	27ms 26ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=9xHz9nw5ME8rRlhmRVU5K2xiWEk3dzdPbzlUMVhtMVNETUg1M1BQazhlUHNoUzhQOGF2a0RxOVgxQlJMM1lRcHUzSUNRNnlCSkxJcHczQTAzV3JkWWJhb2RuaVpqTnF4cm1NbWhiUmQ2T3U4ZXJjK0tBYzQwVFAvYnp4dHlETzhOSmpUcjBESDdiNmRoQlJvaVlDb2gxR0pYRXdpa2Era3U3VzYrQ2JZb0Q4MlhrL3NiQVg1VDdFNjQraWkyVEFacExOMEFwZUhKSkNIcjNwa3hZd2Y3cW5Sbm1PcVhvNDJ6aldSWjZFZmN3TXlTNCs3OHpOcStxOGpsSDdlQUlQUFlOK3p5UkZGU1BKN01qOUpkYmJNa0k2SkpMUT09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 5a53c8d13104e7ae92919eaf261304bf836837293d418a84a304bc2eca9a1e2e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:06 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5205 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:06 GMT strict-transport-security max-age=31536000; preload; content-type text/html; charset=utf-8 location https://mug.criteo.com/sid?cpp=9xHz9nw5ME8rRlhmRVU5K2xiWEk3dzdPbzlUMVhtMVNETUg1M1BQazhlUHNoUzhQOGF2a0RxOVgxQlJMM1lRcHUzSUNRNnlCSkxJcHczQTAzV3JkWWJhb2RuaVpqTnF4cm1NbWhiUmQ2T3U4ZXJjK0tBYzQwVFAvYnp4dHlETzhOSmpUcjBESDdiNmRoQlJvaVlDb2gxR0pYRXdpa2Era3U3VzYrQ2JZb0Q4MlhrL3NiQVg1VDdFNjQraWkyVEFacExOMEFwZUhKSkNIcjNwa3hZd2Y3cW5Sbm1PcVhvNDJ6aldSWjZFZmN3TXlTNCs3OHpOcStxOGpsSDdlQUlQUFlOK3p5UkZGU1BKN01qOUpkYmJNa0k2SkpMUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1476 content-length 541 expires 0
GET H2	200	ls.html Show response img.scupio.com/html/ Frame 39D4	1 KB 1 KB	33ms 33ms	Document text/html	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ls.html Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce Request headers Referer https://img.scupio.com/html/ad.html?v=1.0.61 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 1113 cache-control max-age=604800 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 10 May 2022 01:42:13 GMT etag W/"583295c9-4dc" expires Tue, 17 May 2022 01:39:33 GMT last-modified Mon, 21 Nov 2016 06:35:53 GMT server nginx/1.12.1 vary Origin via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) x-amz-cf-id 7-yVQQoNTV7QnsxGWQlIimG7py3HqU3-kf68SpiSkhqQFKXflgkOPQ== x-amz-cf-pop JFK51-C1 x-cache Hit from cloudfront
GET H/1.1	200 OK	ggid.aspx Show response rec.scupio.com/recweb/ Frame 504C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMjA1MTAwOTU4MDY1NDEyNDU%3d&layout=js https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q1FBMjAyMjA1MTAwOTU4MDY1NDEyNDU%3D&layout=js&google_tc= https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJrFbhLtdmXKb1KuDNczWM8&google_cver=1&google_ula=3918219,0	0 551 B	1030ms 204ms	Script text/javascript	210.59.219.175 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJrFbhLtdmXKb1KuDNczWM8&google_cver=1&google_ula=3918219,0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:07 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA " Cache-Control private Content-Type text/javascript Content-Length 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJrFbhLtdmXKb1KuDNczWM8&google_cver=1&google_ula=3918219,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame 1E9C Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac	281 B 410 B	37ms 24ms	Document text/html	104.107.5.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-107-5-93.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://img.scupio.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 233 content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:07 GMT etag "402b2-119-5d32342a551c0" last-modified Tue, 14 Dec 2021 23:07:59 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Tue, 10 May 2022 01:58:07 GMT location https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac server AkamaiGHost
GET H3	200	/ www.facebook.com/tr/ Frame 504C	44 B 91 B	42ms 18ms	Image image/gif	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.61&rl=&if=true&ts=1652147886949&cd[SBST]=17&cd[PuID]=reurl Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 10 May 2022 01:58:06 GMT
GET H/1.1	200 OK	/ sync.aralego.com/idSync/ Frame 504C	35 B 266 B	71ms 24ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20220510095806541245 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT connection close content-length 35 content-type image/gif
GET H3	200	pubads_impl_2022050501.js Show response securepubads.g.doubleclick.net/gpt/ Frame DAA5	368 KB 125 KB	22ms 22ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 05 May 2022 10:31:45 GMT content-encoding gzip x-content-type-options nosniff age 401181 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127685 x-xss-protection 0 last-modified Thu, 05 May 2022 08:34:36 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 05 May 2023 10:31:45 GMT
GET H2	200	ls.html Show response img.scupio.com/html/ Frame 12EF	1 KB 1 KB	24ms 24ms	Document text/html	13.225.223.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://img.scupio.com/html/ls.html Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.223.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-223-103.jfk51.r.cloudfront.net Software nginx/1.12.1 / Resource Hash 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce Request headers Referer https://img.scupio.com/html/ad.html?v=1.0.61 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 1114 cache-control max-age=604800 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 10 May 2022 01:42:13 GMT etag W/"583295c9-4dc" expires Tue, 17 May 2022 01:39:33 GMT last-modified Mon, 21 Nov 2016 06:35:53 GMT server nginx/1.12.1 vary Origin via 1.1 4ffd9afb636b7eb92e42cf2534136d50.cloudfront.net (CloudFront) x-amz-cf-id nczMsTlOy6OzurRScGkQR-vzyEo0-R7xTorgmFos6btmtCpbRzFaZQ== x-amz-cf-pop JFK51-C1 x-cache Hit from cloudfront
GET H/1.1	200 OK	ggid.aspx Show response rec.scupio.com/recweb/ Frame EC42 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMjA1MTAwOTU4MDY2MTA4Mzg%3d&layout=js https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0xBMjAyMjA1MTAwOTU4MDY2MTA4Mzg%3D&layout=js&google_tc= https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFNQdma8KMOw0GrBgQdC3pY&google_cver=1&google_ula=3918219,0	0 551 B	1104ms 219ms	Script text/javascript	210.59.219.175 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFNQdma8KMOw0GrBgQdC3pY&google_cver=1&google_ula=3918219,0 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:07 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA " Cache-Control private Content-Type text/javascript Content-Length 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFNQdma8KMOw0GrBgQdC3pY&google_cver=1&google_ula=3918219,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame 164B Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac	281 B 410 B	34ms 21ms	Document text/html	104.107.5.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Requested by Host: reurl.cc URL: https://reurl.cc/b2gxzv Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-107-5-93.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://img.scupio.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 233 content-type text/html; charset=UTF-8 date Tue, 10 May 2022 01:58:07 GMT etag "402b2-119-5d32342a551c0" last-modified Tue, 14 Dec 2021 23:07:59 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Tue, 10 May 2022 01:58:07 GMT location https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac server AkamaiGHost
GET H3	200	/ www.facebook.com/tr/ Frame EC42	44 B 88 B	19ms 18ms	Image image/gif	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.61&rl=&if=true&ts=1652147886986&cd[SBST]=17&cd[PuID]=reurl Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 10 May 2022 01:58:06 GMT
GET H/1.1	200 OK	/ sync.aralego.com/idSync/ Frame EC42	35 B 266 B	78ms 25ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20220510095806610838 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT connection close content-length 35 content-type image/gif
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 046D	212 B 413 B	34ms 33ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-2473403521176190 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 51fe28b51cc20dec62ed0573a56c3b92ccb0e92119e1697ca56054f43e9ee560 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 197 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ca/adsid/ Frame 046D	107 B 792 B	88ms 40ms	Script application/javascript	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 046D	107 B 549 B	84ms 39ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=reurl.cc Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D5A3	603 B 69 B	90ms 49ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2473403521176190&output=html&adk=1812271804&adf=552094765&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652147886864&bpp=3&bdt=272&idt=176&shv=r20220505&mjsv=m202205040101&ptt=9&saldr=aa&nras=1&correlator=4966083821628&frm=23&ife=1&pv=2&ga_vid=780713007.1652147885&ga_sid=1652147887&ga_hid=1742749414&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=970&ish=90&ifk=3046847822&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C42531534%2C31067281%2C31067488&oid=2&pvsid=4329447563984145&pem=972&tmod=1012239192&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.w1fiwtjcrssj&fsb=1&dtd=198 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 046D	14 KB 10 KB	86ms 45ms	XHR application/json	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220505&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fa917b970084bf193ccc6f029a65f55766a4eb5ff8c5abb748efe65e5f669236 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10624 x-xss-protection 0
GET H3	400	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7A11	603 B 68 B	99ms 75ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2473403521176190&output=html&h=90&slotname=1859553306&adk=459883934&adf=3570015882&pi=t.ma~as.1859553306&w=728&psa=0&format=728x90&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652147886867&bpp=2&bdt=276&idt=205&shv=r20220505&mjsv=m202205040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4966083821628&frm=23&ife=1&pv=1&ga_vid=780713007.1652147885&ga_sid=1652147887&ga_hid=1742749414&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=975&biw=1600&bih=1200&isw=970&ish=90&ifk=3046847822&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C42531534%2C31067281%2C31067488&oid=2&pvsid=4329447563984145&pem=972&tmod=1012239192&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3vut68h9vkyo&fsb=1&dtd=212 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 1442	212 B 220 B	34ms 33ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-2473403521176190 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash e3dbdcb2cc7964c2080931f3398b5750326d5e170ca90caa238b40ccba46f092 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 198 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ca/adsid/ Frame 1442	107 B 165 B	59ms 58ms	Script application/javascript	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/adsid/integrator.js?domain=reurl.cc Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 1442	107 B 165 B	57ms 56ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=reurl.cc Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 85C4	603 B 69 B	47ms 45ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2473403521176190&output=html&adk=1812271804&adf=552094766&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652147886925&bpp=3&bdt=318&idt=167&shv=r20220505&mjsv=m202205040101&ptt=9&saldr=aa&nras=1&correlator=4966083821628&frm=23&ife=1&pv=1&ga_vid=780713007.1652147885&ga_sid=1652147887&ga_hid=2126034751&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=1889084080&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060048%2C31062930&oid=2&pvsid=3520375548434890&pem=972&tmod=1911648198&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.2v0y9a3joijz&fsb=1&dtd=186 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1442	14 KB 10 KB	77ms 75ms	XHR application/json	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220505&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 99f3bc2ddc222494ceaa2a13f5255a6b8dee620998d04a7427a809026629a110 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10647 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame DAA5	107 B 122 B	102ms 58ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame DAA5	307 B 157 B	67ms 66ms	XHR text/plain	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2379859099527053&correlator=180962915689800&eid=31067277&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220510&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1652147887151&lmt=1644386353&dlt=1652147886737&idt=388&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=xpmoq3nrsuli&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=33019709.1652147887&ga_sid=1652147887&ga_hid=756880471&ga_fc=false&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 591a4d6d153b2aefa9227e6077d19bb3d85892bdb3c0f1725a6f2617dcda7964 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 128 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cdn.aralego.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 42904130547e4b46676213bd16959c68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0A8F	6 KB 4 KB	96ms 37ms	Document text/html	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://42904130547e4b46676213bd16959c68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Wed, 10 May 2023 01:58:07 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 7F72	107 B 122 B	51ms 39ms	Script application/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 7F72	307 B 157 B	74ms 73ms	XHR text/plain	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4009659926047522&correlator=2807117849231843&eid=44763152%2C31064019&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220510&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1652147887176&lmt=1644386353&dlt=1652147886730&idt=436&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=d7w6ptjfeen9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1128558540.1652147887&ga_sid=1652147887&ga_hid=885252551&ga_fc=false&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 6a1213db38520d49e1261b0aa8cd90674bbf6e96ee7d7d4929a2edf9b41bb456 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 128 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cdn.aralego.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 7056a23ce5024f17f750395fcfadfc49.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33AB	6 KB 4 KB	95ms 38ms	Document text/html	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7056a23ce5024f17f750395fcfadfc49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Wed, 10 May 2023 01:58:07 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	400	ads Show response googleads.g.doubleclick.net/pagead/ Frame CDFB	603 B 66 B	55ms 55ms	Document text/html	2607:f8b0:4006:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2473403521176190&output=html&h=250&slotname=8781616842&adk=184358539&adf=3570015883&pi=t.ma~as.8781616842&w=300&psa=0&format=300x250&url=https%3A%2F%2Freurl.cc%2Fb2gxzv&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652147886928&bpp=2&bdt=321&idt=280&shv=r20220505&mjsv=m202205040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4966083821628&frm=23&ife=1&pv=1&ga_vid=780713007.1652147885&ga_sid=1652147887&ga_hid=2126034751&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=719&biw=1600&bih=1200&isw=300&ish=250&ifk=1889084080&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31060048%2C31062930&oid=2&pvsid=3520375548434890&pem=972&tmod=1911648198&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rca8pmw2ey9i&fsb=1&dtd=286 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:820::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 046D	17 KB 7 KB	98ms 48ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 10 May 2022 01:58:07 GMT
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame 164B	32 KB 10 KB	19ms 19ms	Script text/html	104.107.5.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-107-5-93.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 1ab78b98aade3fe57666c8ca61b95248118dd237f747c84fa1a6e448e094921f Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip last-modified Thu, 05 May 2022 20:46:54 GMT server Apache/2.2.15 (CentOS) x-powered-by PHP/5.3.3 vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" cache-control max-age=23361 content-type text/html; charset=UTF-8 content-length 9499 expires Tue, 10 May 2022 08:27:28 GMT
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame 1E9C	32 KB 10 KB	20ms 20ms	Script text/html	104.107.5.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.107.5.93 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-107-5-93.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 1ab78b98aade3fe57666c8ca61b95248118dd237f747c84fa1a6e448e094921f Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip last-modified Thu, 05 May 2022 20:46:54 GMT server Apache/2.2.15 (CentOS) x-powered-by PHP/5.3.3 vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" cache-control max-age=23361 content-type text/html; charset=UTF-8 content-length 9499 expires Tue, 10 May 2022 08:27:28 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 1442	17 KB 6 KB	116ms 100ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 10 May 2022 01:58:07 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 164B	284 B 921 B	135ms 26ms	Image image/jpg	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 2dd9fa24169fa04536d533da131679f8 Content-Type image/jpg
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 1E9C	284 B 934 B	131ms 25ms	Image image/jpg	8.43.72.98 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 2dd9fa24169fa04536d533da131679f8 Content-Type image/jpg
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame DAA5	14 KB 10 KB	43ms 43ms	XHR application/json	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 01c6609ad791bf79135ee3f5c7ab25ea916f74f8ab0f54af710e1d5e8c24ebf0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10588 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7F72	14 KB 10 KB	42ms 42ms	XHR application/json	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e2e418b74a1b7d07291a9aea0b7219dffb4afc56effe8e995aac3f1f0d4aadd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10543 x-xss-protection 0
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6ED0	13 KB 5 KB	64ms 19ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 262598 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 07 May 2022 01:01:29 GMT expires Sun, 07 May 2023 01:01:29 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 2333	783 B 536 B	85ms 39ms	Document text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 75ec47618afa52c4f046fb8967737870a26495cb6378a79981e6179a2414c39f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BoL-SB88rEG3sN9IRIX7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-BoL-SB88rEG3sN9IRIX7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame DAA5	17 KB 6 KB	112ms 72ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 10 May 2022 01:58:07 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7F72	17 KB 6 KB	80ms 54ms	Script text/javascript	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 10 May 2022 01:58:07 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12FC	13 KB 5 KB	19ms 19ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 262598 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 07 May 2022 01:01:29 GMT expires Sun, 07 May 2023 01:01:29 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame EC77	783 B 534 B	39ms 39ms	Document text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1822114d85a256640195fce58329d654d35387fab1b8057587a998ebb0b9de09 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4rjcAFgkcYBegbYwrR3LrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://reurl.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-4rjcAFgkcYBegbYwrR3LrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	rubiconid.aspx bw.scupio.com/adpinline/ Frame 1E9C Redirect Chain https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L2ZI70O3-Q-8GT5 https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L2ZI70O3-Q-8GT5	0 620 B	220ms 219ms	Image application/javascript	210.59.219.180 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L2ZI70O3-Q-8GT5 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac Protocol HTTP/1.1 Server 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Tue, 10 May 2022 01:58:07 GMT Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA " Cache-Control private Content-Type application/javascript Content-Length 0 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L2ZI70O3-Q-8GT5 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 38ddff6a66d3988dfd0c6ea3be81c5f1 Expires 0
GET H3	200	dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response pagead2.googlesyndication.com/bg/ Frame 6ED0	35 KB 13 KB	20ms 19ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Fri, 06 May 2022 15:55:40 GMT content-encoding br x-content-type-options nosniff age 295347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13694 x-xss-protection 0 last-modified Mon, 02 May 2022 13:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 06 May 2023 15:55:40 GMT
GET H3	200	dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response pagead2.googlesyndication.com/bg/ Frame 12FC	35 KB 13 KB	21ms 20ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Fri, 06 May 2022 15:55:40 GMT content-encoding br x-content-type-options nosniff age 295347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13694 x-xss-protection 0 last-modified Mon, 02 May 2022 13:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 06 May 2023 15:55:40 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame B34F	13 KB 5 KB	20ms 19ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 262598 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 07 May 2022 01:01:29 GMT expires Sun, 07 May 2023 01:01:29 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 1DA6	783 B 533 B	40ms 40ms	Document text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 82a1214dadfeac335626e39ad9830cc05ddc67dadbd7bf59cc6381e6854ba7da Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8zNENxKPQeutveLugNX2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-8zNENxKPQeutveLugNX2eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 2333	0 0	117ms 116ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220505&jk=4329447563984145&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame EC77	0 0	89ms 89ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220505&jk=3520375548434890&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame C845	13 KB 5 KB	20ms 20ms	Document text/html	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 262598 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 07 May 2022 01:01:29 GMT expires Sun, 07 May 2023 01:01:29 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 29C8	783 B 536 B	39ms 38ms	Document text/html	2607:f8b0:4006:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2004 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0b113f7d6a82b4f52821f75c936afb7f594b4bedea59ef01678ad4427cc4e7e1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-HDWwzNLjWA5eBkSL2zieAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdn.aralego.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce-HDWwzNLjWA5eBkSL2zieAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 10 May 2022 01:58:07 GMT expires Tue, 10 May 2022 01:58:07 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	709414.gif id.rlcdn.com/ Frame 164B	42 B 448 B	317ms 41ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/709414.gif Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers timing-allow-origin * date Tue, 10 May 2022 01:58:07 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 164B Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=82_bokfKQGuw_voS4BhcAw&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=82_bokfKQGuw_voS4BhcAw	43 B 556 B	32ms 31ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=82_bokfKQGuw_voS4BhcAw Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Date Tue, 10 May 2022 01:58:08 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid QDBJ9B2SM6W92SN05XKN Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=82_bokfKQGuw_voS4BhcAw Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 368ba1c92c09ff88b641150fbbf94341 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 164B Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwOTY4ZWY1MjNiOWUxNzcwMWRiYmFjZDIxY2I3Y2E2YWM0MWQ1Nw	170 B 188 B	38ms 38ms	Image image/png	142.251.40.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwOTY4ZWY1MjNiOWUxNzcwMWRiYmFjZDIxY2I3Y2E2YWM0MWQ1Nw Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H3 Server 142.251.40.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjMwOTY4ZWY1MjNiOWUxNzcwMWRiYmFjZDIxY2I3Y2E2YWM0MWQ1Nw Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 2dd9fa24169fa04536d533da131679f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 164B Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://match.adsrvr.org/track/cmb/rubicon? https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=408ffd6b-ae5c-41f6-bfad-3d3ba158f88a&gdpr=0&gdpr_consent=&expires=30	42 B 678 B	32ms 24ms	Image image/gif	8.43.72.97 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=408ffd6b-ae5c-41f6-bfad-3d3ba158f88a&gdpr=0&gdpr_consent=&expires=30 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 368ba1c92c09ff88b641150fbbf94341 Content-Type image/gif Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=408ffd6b-ae5c-41f6-bfad-3d3ba158f88a&gdpr=0&gdpr_consent=&expires=30 cache-control private,no-cache, must-revalidate content-type text/html content-length 289
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame 164B Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LwEXzeEhS6CPrkh988kgqA&rk=usync-other https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LwEXzeEhS6CPrkh988kgqA	43 B 556 B	100ms 100ms	Image image/gif	52.94.222.140 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LwEXzeEhS6CPrkh988kgqA Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Date Tue, 10 May 2022 01:58:08 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 59TWC759NB3P11AXX11S Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LwEXzeEhS6CPrkh988kgqA Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 368ba1c92c09ff88b641150fbbf94341 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 164B Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJaSTcwTzMtUS04R1Q1	170 B 188 B	37ms 37ms	Image image/png	142.251.40.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJaSTcwTzMtUS04R1Q1 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol H3 Server 142.251.40.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJaSTcwTzMtUS04R1Q1 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 2dd9fa24169fa04536d533da131679f8 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 164B Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/X5W3G1gG1klvvW_3MkObfA?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2619921606560340688	42 B 678 B	45ms 24ms	Image image/gif	8.43.72.97 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2619921606560340688 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 368ba1c92c09ff88b641150fbbf94341 Content-Type image/gif Redirect headers date Tue, 10 May 2022 01:58:07 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2619921606560340688 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 164B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELgl-qnuDcK22nAVH_IbHFU&google_cver=1	42 B 678 B	288ms 24ms	Image image/gif	8.43.72.97 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELgl-qnuDcK22nAVH_IbHFU&google_cver=1 Requested by Host: img.scupio.com URL: https://img.scupio.com/html/ad.html?v=1.0.61 Protocol HTTP/1.1 Server 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 42 X-RPHost 368ba1c92c09ff88b641150fbbf94341 Content-Type image/gif Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELgl-qnuDcK22nAVH_IbHFU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response pagead2.googlesyndication.com/bg/ Frame B34F	35 KB 13 KB	20ms 20ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Fri, 06 May 2022 15:55:40 GMT content-encoding br x-content-type-options nosniff age 295347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13694 x-xss-protection 0 last-modified Mon, 02 May 2022 13:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 06 May 2023 15:55:40 GMT
GET H3	200	dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Show response pagead2.googlesyndication.com/bg/ Frame C845	35 KB 13 KB	20ms 20ms	Script text/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/dFqp3r-NjKYIiZFGuMjg27V2y58JRdrnPk3CKLoufA4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 745aa9debf8d8ca608899146b8c8e0dbb576cb9f0945dae73e4dc228ba2e7c0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Fri, 06 May 2022 15:55:40 GMT content-encoding br x-content-type-options nosniff age 295347 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13694 x-xss-protection 0 last-modified Mon, 02 May 2022 13:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 06 May 2023 15:55:40 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 6ED0	0 9 B	19ms 19ms	Image text/plain	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?1w2aKw Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 12FC	0 9 B	20ms 19ms	Image text/plain	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?ht3XKQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1DA6	0 0	87ms 86ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=4009659926047522&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 29C8	0 0	87ms 87ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=2379859099527053&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame B34F	0 9 B	20ms 19ms	Image text/plain	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?nXihdQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame C845	0 9 B	19ms 19ms	Image text/plain	2607:f8b0:4006:817::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?CjQLUw Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:817::2001 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 046D	0 0	99ms 98ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220505&jk=4329447563984145&bg=!NTalNnLNAAZX5TVhd-U7ACkAdvg8WiZuYDIPeV1dXifowXDoE6sbXu97H0r12NbZBW6LAIAHSaABcAIAAAF8UgAAAAJoAQcKABvnwzRRzSaXaRZjSUn-s3rkUIHPxPKVLd-kb2mZAtW5wMbNQ3FDh--zK0kpd7YWGj1b847Tu3Pr6CmDIjM5hnPST6TVaYaH7Lfsyu-aUkkbLTV3iDBEuT9uXFbXL6kZfVgX6QQQGw01-xpzHT6hZXliZa_q4dUoGhKd4P6A1vPgrQ3pNs10Yn48Dm4fExh7UUBdzf6Zys5gpKGLxr4hDFxKqXTyqXszyo-_hb4uzyMy7Zn9AcHxkf8yi_ZaKwUiZfcoZD5razkcsY0PgZEF78zTZnUA-kvBBEgJd04jK7ahcGmUTCn2OVSMiUQbbeMS__Db3JIDmGTiUruzMKynEIg2dl6C6mmTghv4Fx07mxtcU4ZACl5zGEw2Z7QAO5ywiZFXtneeHojVagyYXZnXA1RMuqIrXwvqCgom9eRex5awIuOZw06WAdpKYew4NUaXnuselm8xenZ7_KOFkK1NM8k-4PvPi83GRZ8DNpVmKZvzaWS-bt_FJ3zm7-PdAGgOCFfSAMTYBIR5afQW72X2jLDl0lYvvyw-xTwl3PmCydaqHP8DHsldGn5gCEEh5URo7rcFeiRSBzYexU3H_nAbieDjx96LJ0KuLf6x8FH7f7JXmud3Lj21kr13kooSYkGWbYvLfsTm-i25-vwKcSmB9DUGyDVb9-UxMvcnJuBOUYykefwAB1FAh-MyF8s_fCJ9RaeAZCsJxJ0disnUcE7CBityjsXHqhLXCiuSUYt15zNlpdE0XSeeulEuExCCHMD8A_2_Sx-AVwE7YnlEQgS0DuwEX7VI19s9z39UyZoZMgHLmG7ro5FnHMQX-5cRTQc1d31-36SxN5aShv6beRpb1g023u6Vv4NyTiSe01tES_3UEVcjfuiGe3xGF4QRaQX5zGlwnrdLsOwyHULxnVMKobk0bS2EzB1hfLLo8AneqNc8ZdjJTO8hCsCVzRxFpESw6vTpEhSPtO4n5ncjWYO58VWFdY-dlQCkNrNbzCmwnHqDaj9OGg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1442	0 0	90ms 89ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220505&jk=3520375548434890&bg=!QEOlQwfNAAZX5TVhd-U7ACkAdvg8Win6oGf3jbMUclfoSDlQp72oEUn39nN-OLWzdMeJag2fV9cWegIAAAE9UgAAAAJoAQcKAKthOleNccqFp9E1xTneceU0ezFwvTLv6n7gscp2Sl0kwILV92SuXEu6oLi-JuO2wZ3kvqAGWLEqz1Tp08OVPhx1c3Uii4vjNaeUusmoHPXD6C4ItZVcJFEvrbGVJLWeg52PlIjCkfO2msYfj7uyhog6AwWUxVGiLj4YoMM4Vla2g-enfSfVoAgVpZyYFHuQCk_jFuUlyeIIckM8k996bdEvuV1XYXQBFvM99saZAtASORnanA6-qPJOZ_r7eeHvGuIWHhGgmqfZdEF9vRCTYaGfOOeYXggmFp6i7xhACqQDW1TarRwdDcpgKIDKteqAojnIFgsIZNvWQM-A0oAz2Ucc6QLZ9rJVlh_MR0FMkptzuG8b6Buy7SVbQdJb5ozRf-V-GHSFtqLoodcXyyo5GajN6neYdzy-aGBdEN8uuT9ibclMtDlv95ehnwPVXhJm-8zZnL1hXWLK4nksX3p0CSubmCXSQi1VFQ3tOrpXyI1VdtleV1LqKB2uQqRkG7lb29NIA6J9toxrSsbq3XA0IJbWTkoBTDOOxy7XXgS0EPL3snc0EfhklfLdaGAIjwpoGnEXZPw1o-jlM9SamfgWLJV0chKfCtlLMhLLgw_T3dBzMBqZT46j4iibdQcsQhZftUnrhAV5qyV9v3hiyRFXpHMBnvjcp-yLz_YXYPYqo_AgHxZBgvvFmQTWoBW_Z8GLveGTMtHBC1EF7T6ff775azojF7398OtzSln1eVyvOFs14yYcbbORT8sIr084_hQs2yflfqfXDS0WYIebruSKLgziz9N0mfpRUM4CuyDzn5nCAxYverDKx24ofiBN15JNcM_lMVMdkB1gJx8YoT7Sa9Hww8kMXRwdss70pzHEbsMyD8dMU5HZKlsaNsTxz7alGvc3AC6JAYXFEb-59s2INtDbWfrHwf2zLIWgXFjdG25n4BLMukuZBjmpemNBZkzW6IT-MOFlS4rujlrvxkjyWMVEcshkZIXJUt-sACUg3MO0hNjSClu1BTjCx6OPDZwGglWfD3zIU-hPdUxGVEBgMfAG33b-2Q_5hZHLPZmtD6mp1CdMP2orC9_rK3nppKlgoIA3byLlhC1lrzqmQEGHSUn2IG9S6JvoZu1pfJLZbuKh6xb2PHerImWKK8sMaIm1KKChsWEkDweU1PjlQw9TNOn-skSyjHmBGEuQLy-86X0 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://reurl.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 7F72	0 0	90ms 90ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=4009659926047522&bg=!tLelt_PNAAZX5TVhd-U7ACkAdvg8Wg4m8Oe2ffVPvrS31oOal5NvLgr6UCQ9whGohKQxqaEt9WGXPAIAAACVUgAAAAJoAQeZAtgfHAwJoLwOyAN9hUW_J5StgpUmWdaD2Kk-iIq7Y57YwJp80sLPDOuixPsQifJxYRbl_9j7-2vBVyo0zUTIyuqYgH3dFUWSm7HzOWvrGr_z1qaRLzyjBZtAavRNAvswsTTMve9-BPLqNEB3BMkpvMnQcFqsXdbI_ApCsz3EC5xK9AUBHCy9rDb0caAVYWFilc2lwbg12UT36wvJ2kOPDF5nDyo6_GSYhVERkGnUos1h7vx6HoLpnf35YySGAdxGxB_y192qJvp8D2nq__L6PRm7b52IqvYD3KsAuXe9vojL5xzHQAVTKnu21zvcecQzHfvS2rc9FnY8xoU5HMPhh-ixEOuF4h0PpadiyJMef7ue5CF7F_uFLr09292R-dIVAd1zbFeT6RxHLu1Ashxb26SzqdGlZ1ujTQd_bt36j5AhxcxdfXckgBWhMoaypRIV0kQLh14Kl3_xjxvc0zk8ENdUa6df16IeuBlPZhsoUs-wX9adTSleMdIXOjU0Z7-IxsDGXG4sC8lqgeEFof5WeNG5Xc2PN52-ZG-XPhnQhd9HYj0GB9QhKrIqlevKLtSUInoii93mTD2ae2GquVZL-cFok1lJhKM8Ox4Gng63LoIi-FeXQI1mFNuzwwLe2YQAGi9aNwCBkOFtC0hDujpskpo1L14cpRPL_mgH5MJJ75BxT481rEJBwytl3m8fvxmnZ11TM1e2zvogEV2idDNievTzCLG_lotLjtpJ62FY9krAR4Z169zrXwXay3rwbBWm_S9_N8IP313l8-o30i69666ZnLz0XotgBqG3rKptWLt4I7utgudRU9aQl2Y7bIfLEg60QS5MukVTHRzxaVB3hAguRpK2Vsvn5EoFjGs5IcI9vh2Qw3NganXuKSxo7_xKfACELkSUgJaWdxSMQKFuQLxPpyFPXV6R4MQwxVYTHdUcxelzNzaf1O0VxQMWxL53Qse4My2nnIaAYQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame DAA5	0 0	91ms 90ms	Image text/html	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=2379859099527053&bg=!j4yljMjNAAZX5TVhd-U7ACkAdvg8WkIM4bGnNtmNkvEfU_d9TvQwK7G8Y7lXxDiD8gRim2rmwMaG_wIAAACIUgAAAAJoAQcKAAE5mQLYtdQui8PLPyFNFWFo-md90Oq-P7_N8R1JC1TuitKoV2AYbMw3VvLlBNq4_pPWHXwA6UEG_YOu7VebqdqOFA5rRfJsJI1dLm3WH0AvQEZaae1ZKc_rvgYt5jBa83f1gS4l5IWQH7ZlIsksaRrB6ynu2eQwIUFvuHbOTKmn2WhD3ZatnBipptbWIzFVkzZ_DOSOlVNkvtssoIIeyS_vzxHEKrzDGHVh1CRFMR5vejigb2RoWmvLIJuBK9c1Y-n43x3moIetgClyMBLZnnWEYh9YVLXNUhJgUK2SShtbtQ8G-UngyaKqxpWihKzqPyM2kEFr4aW6FxjNTUUe-ODFj-4MSHMwu42_qyxXy92OV-bMR3wASpSxc7lx_6rKXTntVy4JP79iEAGHFdvObd4CAlmH_asGxJRytII5MyR-dFeG_E3Vqt_iPjXku5MgzCpEpDAUsuZXAuul6dFsEJujivLIL1WzUg12fp-fsccQKgFCORBhBmokdEfzdTduCNkk3OYWtJMXEOtri0o_zuOivRn96PZeVgHRg1_to1VNOIfDmsYvB6hBvv0Qjzzsx4RUf_REkX5Ojz1nzxivu9UJmXbvwNVAkO-VbZgxP-uhQPEVuejyOKM4FOHbaUMkH3c9n3Ls22LQ5A1mGMxPkAWlTyiQL0QreGgqisjtSCK7yMnSjfGzzqIiiD-ki-JLLNF10tJw7-GoFSEeeXUcUXJHeJcr1yUgnHZEGhlQeM81QnGAnUiO173p7P0tMpBf7qt7PQzEpeeiATNrSRSfRgw86D8i_TIZq-QUypqxW5qksu5kAWNJk3UwNZDwUc4AjaZg50Dn_ean0kltjgTPRVusQXOqAA7ZGRDlEtJmP2vrS-QubtgVybsc-4MyiTjKLfGOxt3-X0oN_SNb5WDwJxaVZVeBzTD4DN6RqxTTa5KwA1fsoxtVUSUNTk16BV490qIAbYHsMzSRp7szGOA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	70ms 25ms	Preflight application/json	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://img.scupio.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://img.scupio.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Tue, 10 May 2022 01:58:08 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1218 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame 9C75 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 https://mug.criteo.com/sid?cpp=SVn763x0OHgydURaSzFtVjYxMDBlR3AwbE0wWjR1K3BNM0lBOS9CY0gxUFVkOVIyQTNVRGNPa2grTUhpcEh2TnVFZEtPaFlJcVk0RlZyZStiYWp4QytRdTRTaTBwUlFON0RpRXNHZWF4UG5oUkxMdEkyVko2aWoyNUpwMn...	414 B 663 B	27ms 26ms	XHR application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=SVn763x0OHgydURaSzFtVjYxMDBlR3AwbE0wWjR1K3BNM0lBOS9CY0gxUFVkOVIyQTNVRGNPa2grTUhpcEh2TnVFZEtPaFlJcVk0RlZyZStiYWp4QytRdTRTaTBwUlFON0RpRXNHZWF4UG5oUkxMdEkyVko2aWoyNUpwMnJmNXZxODZ2SWxzYncxVDdSbitscXlPMUZia2hwYXloelZncG5MN0VhVUdFR2FDU0R2NHZhdnlBQXp4RUVDeHQyVEM0disvYllmRTVja0hvQ2VaNlRVR0tMaXI1alh3V2Z1RTJTc1ptQk5VYUpGbzZRNmN0ejg5SndJSjBFdkxMdndsb21hQVJ2bWhtTjRRQ1p3cGNoMUdaTHU1K2pmcnV3RWJLODdBbG5STGg0U1FQQ3NyND18&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 205b7f2f9078c8dabadf1c261c38b04e184b498c5bda2e7198dc56e45a9a4671 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:08 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3953 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:08 GMT location https://mug.criteo.com/sid?cpp=SVn763x0OHgydURaSzFtVjYxMDBlR3AwbE0wWjR1K3BNM0lBOS9CY0gxUFVkOVIyQTNVRGNPa2grTUhpcEh2TnVFZEtPaFlJcVk0RlZyZStiYWp4QytRdTRTaTBwUlFON0RpRXNHZWF4UG5oUkxMdEkyVko2aWoyNUpwMnJmNXZxODZ2SWxzYncxVDdSbitscXlPMUZia2hwYXloelZncG5MN0VhVUdFR2FDU0R2NHZhdnlBQXp4RUVDeHQyVEM0disvYllmRTVja0hvQ2VaNlRVR0tMaXI1alh3V2Z1RTJTc1ptQk5VYUpGbzZRNmN0ejg5SndJSjBFdkxMdndsb21hQVJ2bWhtTjRRQ1p3cGNoMUdaTHU1K2pmcnV3RWJLODdBbG5STGg0U1FQQ3NyND18&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://img.scupio.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1572 content-length 567 expires 0
GET H/1.1	200 OK	idSync sync.aralego.com/ Frame 9C75	35 B 266 B	72ms 27ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idSync Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:08 GMT connection close content-length 35 content-type image/gif
GET H3	200	cm c.holmesmind.com/ Frame 9C75	0 15 B	502ms 502ms	Image text/html	35.201.76.93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://c.holmesmind.com/cm Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 93.76.201.35.bc.googleusercontent.com Software nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:09 GMT via 1.1 google server nginx/1.10.3 (Ubuntu) x-powered-by PHP/7.0.18-0ubuntu0.17.04.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	63ms 24ms	Preflight application/json	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://img.scupio.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://img.scupio.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Tue, 10 May 2022 01:58:08 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1081 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Frame AB3D Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 https://mug.criteo.com/sid?cpp=tVCyY3w2c0Q5T1BhQ2ZsSjJqODJQM2hQenphVzRwRlYvcmtGM0JMNWN1STBPNitHZDk3KzZnWWZDd1FxRU5sMTZodVpqcEtJMDdRL3E3dCtZWWpwcDRrU2JtWGJOV3JlSStvaStLUDIxdVRkdGJwSDVyTTEvUG9Xcm5pNU...	417 B 665 B	27ms 26ms	XHR application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=tVCyY3w2c0Q5T1BhQ2ZsSjJqODJQM2hQenphVzRwRlYvcmtGM0JMNWN1STBPNitHZDk3KzZnWWZDd1FxRU5sMTZodVpqcEtJMDdRL3E3dCtZWWpwcDRrU2JtWGJOV3JlSStvaStLUDIxdVRkdGJwSDVyTTEvUG9Xcm5pNUJ3K1F2K3llRWdQNXBkZnpUZWpWV0tuUkUyRjNqNFRjb244bmpFN25MVW4yNXN4amVwdlU0d05qbDAwTE5ydEpwRm9pUVhndVNlSGpRb01EaTJhaU9lTXJqZzFJRFZFSUJ1SlEyV21MbTh0QlMzWTQ3NC9hRGVjQkVvNnZEY0dpd0hoV0pXV3JueFBVSEswNFk2MHlmTmV4VkxQUGozU1EwSXcxU1NaZmprNkdWUEFVN3U5MD18&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash 8e107dc3c11ca5aeb3668d8720d4988e6fa9dcd2f4d4b7a75f518051dc5f9465 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers pragma no-cache date Tue, 10 May 2022 01:58:08 GMT content-encoding gzip vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 4602 strict-transport-security max-age=31536000; preload; expires 0 Redirect headers pragma no-cache date Tue, 10 May 2022 01:58:08 GMT location https://mug.criteo.com/sid?cpp=tVCyY3w2c0Q5T1BhQ2ZsSjJqODJQM2hQenphVzRwRlYvcmtGM0JMNWN1STBPNitHZDk3KzZnWWZDd1FxRU5sMTZodVpqcEtJMDdRL3E3dCtZWWpwcDRrU2JtWGJOV3JlSStvaStLUDIxdVRkdGJwSDVyTTEvUG9Xcm5pNUJ3K1F2K3llRWdQNXBkZnpUZWpWV0tuUkUyRjNqNFRjb244bmpFN25MVW4yNXN4amVwdlU0d05qbDAwTE5ydEpwRm9pUVhndVNlSGpRb01EaTJhaU9lTXJqZzFJRFZFSUJ1SlEyV21MbTh0QlMzWTQ3NC9hRGVjQkVvNnZEY0dpd0hoV0pXV3JueFBVSEswNFk2MHlmTmV4VkxQUGozU1EwSXcxU1NaZmprNkdWUEFVN3U5MD18&cppv=2 strict-transport-security max-age=31536000; preload; access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://img.scupio.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1923 content-length 567 expires 0
GET H3	200	cm c.holmesmind.com/ Frame AB3D	0 15 B	766ms 765ms	Image text/html	35.201.76.93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://c.holmesmind.com/cm Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 93.76.201.35.bc.googleusercontent.com Software nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:09 GMT via 1.1 google server nginx/1.10.3 (Ubuntu) x-powered-by PHP/7.0.18-0ubuntu0.17.04.1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	idSync sync.aralego.com/ Frame AB3D	35 B 266 B	71ms 26ms	Image image/gif	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://sync.aralego.com/idSync Requested by Host: img.scupio.com URL: https://img.scupio.com/js/prebid.js?v=5.20.0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Wilmington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://img.scupio.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Tue, 10 May 2022 01:58:08 GMT connection close content-length 35 content-type image/gif
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	75ms 28ms	Preflight application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=SVn763x0OHgydURaSzFtVjYxMDBlR3AwbE0wWjR1K3BNM0lBOS9CY0gxUFVkOVIyQTNVRGNPa2grTUhpcEh2TnVFZEtPaFlJcVk0RlZyZStiYWp4QytRdTRTaTBwUlFON0RpRXNHZWF4UG5oUkxMdEkyVko2aWoyNUpwMnJmNXZxODZ2SWxzYncxVDdSbitscXlPMUZia2hwYXloelZncG5MN0VhVUdFR2FDU0R2NHZhdnlBQXp4RUVDeHQyVEM0disvYllmRTVja0hvQ2VaNlRVR0tMaXI1alh3V2Z1RTJTc1ptQk5VYUpGbzZRNmN0ejg5SndJSjBFdkxMdndsb21hQVJ2bWhtTjRRQ1p3cGNoMUdaTHU1K2pmcnV3RWJLODdBbG5STGg0U1FQQ3NyND18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Tue, 10 May 2022 01:58:08 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1165 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	75ms 29ms	Preflight application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=tVCyY3w2c0Q5T1BhQ2ZsSjJqODJQM2hQenphVzRwRlYvcmtGM0JMNWN1STBPNitHZDk3KzZnWWZDd1FxRU5sMTZodVpqcEtJMDdRL3E3dCtZWWpwcDRrU2JtWGJOV3JlSStvaStLUDIxdVRkdGJwSDVyTTEvUG9Xcm5pNUJ3K1F2K3llRWdQNXBkZnpUZWpWV0tuUkUyRjNqNFRjb244bmpFN25MVW4yNXN4amVwdlU0d05qbDAwTE5ydEpwRm9pUVhndVNlSGpRb01EaTJhaU9lTXJqZzFJRFZFSUJ1SlEyV21MbTh0QlMzWTQ3NC9hRGVjQkVvNnZEY0dpd0hoV0pXV3JueFBVSEswNFk2MHlmTmV4VkxQUGozU1EwSXcxU1NaZmprNkdWUEFVN3U5MD18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Tue, 10 May 2022 01:58:08 GMT expires 0 pragma no-cache server-processing-duration-in-ticks 1289 strict-transport-security max-age=31536000; preload; vary Accept-Encoding