reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/r9zgxz
Effective URL:
https://reurl.cc/r9zgxz
Submission: On May 06 via manual (May 6th 2024, 8:36:17 am UTC) from DE — Scanned from DE

Summary HTTP 46 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 46 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 279459.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
1	151.101.129.55 151.101.129.55	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
3	133.186.12.53 133.186.12.53	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1	203.66.34.45 203.66.34.45	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.196.223 35.244.196.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	133.186.12.54 133.186.12.54	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:eec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.36.179 34.149.36.179	15169 (GOOGLE) (GOOGLE)
1	103.1.220.9 103.1.220.9	131149 (YUANJHEN-...) (YUANJHEN-AS-TW Yuan-Jhen Info.)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:205... 2600:9000:2057:6c00:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
46	27

2 35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.55 (San Francisco, United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 133.186.12.53 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p053.net133186012.broadline.ne.jp

cpt.geniee.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.66.34.45 (Kaohsiung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-66-34-45.hinet-ip.hinet.net

ad-specs.guoshipartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.12.54 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p054.net133186012.broadline.ne.jp

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eec2 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.36.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.36.149.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.1.220.9 (Taiwan)

ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW)
PTR: 103-1-220-9.static.ip.net.tw

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6c00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646 www.google.com — Cisco Umbrella Rank: 2	123 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	171 KB
5	reurl.cc reurl.cc — Cisco Umbrella Rank: 279459 storage.reurl.cc — Cisco Umbrella Rank: 386604	7 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	geniee.jp cpt.geniee.jp — Cisco Umbrella Rank: 50035	52 KB
2	re-news.tw storage.re-news.tw re-news.tw	31 KB
2	gstatic.com fonts.gstatic.com	173 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	58 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5790	207 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3774	89 KB
1	racingcharger.tw img.racingcharger.tw	145 KB
1	rayskyinvest.com www.rayskyinvest.com	468 KB
1	gbyhn.com.tw img.gbyhn.com.tw	178 KB
1	creditcards.com.tw creditcards.com.tw	57 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 687047	18 KB
1	genieessp.com js.genieessp.com — Cisco Umbrella Rank: 46867	159 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	6 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101
1	guoshipartners.com ad-specs.guoshipartners.com — Cisco Umbrella Rank: 135834	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	103 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20125	39 KB
0	yimg.jp Failed yads.c.yimg.jp Failed
46	24

	Domain	Requested by
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
3	cpt.geniee.jp	reurl.cc cpt.geniee.jp
3	securepubads.g.doubleclick.net	reurl.cc securepubads.g.doubleclick.net
3	storage.reurl.cc	reurl.cc
2	fonts.gstatic.com	reurl.cc
2	www.google.de	reurl.cc
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdn.jsdelivr.net	reurl.cc
2	reurl.cc
1	blog.alphaloan.co
1	static.wixstatic.com
1	i0.wp.com
1	img.racingcharger.tw
1	www.rayskyinvest.com
1	img.gbyhn.com.tw
1	creditcards.com.tw
1	mma.prnasia.com
1	re-news.tw
1	js.genieessp.com	cpt.geniee.jp
1	storage.re-news.tw	storage.reurl.cc
1	fonts.googleapis.com
1	www.google.com	reurl.cc
1	www.facebook.com	reurl.cc
1	ad-specs.guoshipartners.com	reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
0	yads.c.yimg.jp Failed	cpt.geniee.jp
46	29

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2024-03-18` - `2024-06-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2024-04-03` - `2024-07-02`	3 months	crt.sh
anymind360.com R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.geniee.jp GeoTrust TLS RSA CA G1	`2024-02-27` - `2025-03-29`	a year	crt.sh
ad-specs.guoshipartners.com Go Daddy Secure Certificate Authority - G2	`2024-01-02` - `2025-01-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-16` - `2024-11-26`	a year	crt.sh
re-news.tw R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
tls.automattic.com R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.rayskyinvest.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2024-03-23` - `2024-06-21`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-01` - `2024-06-29`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://reurl.cc/r9zgxz
Frame ID: 9B79976028BB0CDB568843ECB971642F
Requests: 44 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 9CFE0AB3D609A89D53D9C5E7A3A44352
Requests: 1 HTTP requests in this frame

Frame: https://js.genieessp.com/t/562/614/a1562614.js
Frame ID: 52FB99343D6DBB7662A96F5FC15F9564
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/r9zgxz HTTP 307
https://reurl.cc/r9zgxz Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

46
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

29
Subdomains

27
IPs

5
Countries

2134 kB
Transfer

3811 kB
Size

5
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/renews/168

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4404064_XG04064_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/4111

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/55412

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/119152

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/48039

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/22432

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/r9zgxz HTTP 307
https://reurl.cc/r9zgxz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request r9zgxz Show response
reurl.cc/
Redirect Chain

http://reurl.cc/r9zgxz
https://reurl.cc/r9zgxz

11 KB
4 KB

2101ms
571ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 63e1ad4ff6c4ec3eef38326f9ad317f13e20df9b5e373609c1682549417e00d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 May 2024 08:36:02 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding Origin
x-request-id: e37e53cd-7cfa-42e0-9df3-7768f171e4c7

Redirect headers

Location: https://reurl.cc/r9zgxz
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 53ms
6ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 May 2024 08:36:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2614341
x-jsd-version: 4.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-etou8220046-FRA
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1018 B 330ms
278ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 01:42:13 GMT
content-encoding: gzip
via: 1.1 google
age: 24830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: c13ec733-1fb5-4819-8964-a46436f88ee4
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 159 KB
39 KB 286ms
10ms Script
application/javascript 151.101.129.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cacbdcce9d203aae9bfc654eb83b09a6ee207674792da700763d8791f3024737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 06 May 2024 04:20:46 GMT
date: Mon, 06 May 2024 08:36:03 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 15317
x-guploader-uploadid: ABPtcPofnbogJjZ54RvuLD4Eer14PHUN1cxvjfLjbE6egCPqMTKt2tFr3GYM8oR0N5eGieBFNmU
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39605
x-served-by: cache-tyo11954-TYO, cache-fra-etou8220117-FRA
last-modified: Wed, 24 Apr 2024 04:18:07 GMT
server: UploadServer
x-timer: S1714984563.049005,VS0,VE1
etag: "96cb8da26253a86841aaeed23c3f5303"
vary: Accept-Encoding
x-goog-generation: 1713932287148648
x-goog-hash: crc32c=1wjOEg==, md5=lsuNomJTqGhBqu7SPD9TAw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 39605
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 124, 0

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
443 B 8ms
7ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 00:54:36 GMT
content-encoding: gzip
via: 1.1 google
age: 27687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-request-id: 3dacef01-037e-47e1-b7f0-e1b85e1627a8
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 144ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8219721a70269ff358f0add28231be10ee314e3bc3634cb8e396c6c86bc4e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 08:36:03 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 152ms
47ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b4272c7d17731074319574bbe44f671faeefa25d2b71eb3833a26ba2219d02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30535
x-xss-protection: 0
server: cafe
etag: 733 / 19849 / m202404300101 / config-hash: 17838530926108850522
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 May 2024 08:36:03 GMT

GET
H2 200 wrapper.min.js Show response
cpt.geniee.jp/hb/v1/219632/1441/ 9 KB
3 KB 1124ms
274ms Script
application/javascript 133.186.12.53
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.53 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p053.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 61989651a6d5c6ad5ad1b8600432ce4b16473dccae9b8ae5ee0ef3d1fb9dd66e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:04 GMT
content-encoding: gzip
last-modified: Sun, 05 May 2024 12:04:33 GMT
server: nginx
etag: W/"663775d1-22b4"
content-type: application/javascript
cache-control: max-age=3600, private
cross-origin-resource-policy: cross-origin
expires: Mon, 06 May 2024 09:36:04 GMT

GET
H2 200 onead-lib.min.js Show response
ad-specs.guoshipartners.com/static/js/ 22 KB
7 KB 1832ms
318ms Script
application/javascript 203.66.34.45
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.66.34.45 Kaohsiung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-66-34-45.hinet-ip.hinet.net
Software: HiNetCDN/2405 / OneAD
Resource Hash: 6fa68ebc9d2eab2026b5f4da2eb985488314cdc2792d955996cf16138ddec23d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:04 GMT
via: 1.1 google
content-encoding: br
age: 0
x-powered-by: OneAD
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified: Thu, 18 Apr 2024 01:57:28 GMT
server: HiNetCDN/2405
etag: W/"66207e08-575f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 1360136
cache-control: public, max-age=360
access-control-allow-credentials: true

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 47ms
6ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 May 2024 08:36:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 527799
x-jsd-version: 2.5.16
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-etou8220046-FRA
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
635 B 55ms
8ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/r9zgxz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 07:49:05 GMT
content-encoding: gzip
via: 1.1 google
age: 2817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-request-id: 507af7e0-0d04-490d-a2a1-b55d082b85a8
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
0 155ms
155ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b4272c7d17731074319574bbe44f671faeefa25d2b71eb3833a26ba2219d02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30535
x-xss-protection: 0
server: cafe
etag: 733 / 19849 / m202404300101 / config-hash: 17838530926108850522
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 May 2024 08:36:03 GMT

GET
H2 200 page.php
www.facebook.com/plugins/ Frame 9CFE 0
0 216ms
191ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://reurl.cc/r9zgxz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 06 May 2024 08:36:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2797, tp=-1, tpl=-1, uplat=184, ullat=0
x-fb-debug: gUfBwJ1pZ7BRgc9L6JG0CNCpiWVAstGTJRMJQbfzht2qjZZh+i11L2EIWK0vwVrjFtyp/1jFJOKZIzCpzZLufQ==
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 May 2024 07:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3300
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 06 May 2024 09:41:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 15ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1375423977&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2Fr9zgxz&ul=de-de&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2054557418&gjid=422505829&cid=1960726523.1714984563&tid=UA-102456694-1&_gid=1345228772.1714984563&_r=1&_slc=1&z=877790902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
195 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1375423977&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2Fr9zgxz&ul=de-de&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1960726523.1714984563&tid=UA-102456694-1&_gid=1345228772.1714984563&z=1945030634

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 05 May 2024 08:43:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 85957
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
344 B 78ms
25ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1960726523.1714984563&jid=2054557418&gjid=422505829&_gid=1345228772.1714984563&_u=IEBAAEAAAAAAACAAI~&z=748236447

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 May 2024 08:36:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/ 452 KB
141 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2024
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144216
x-xss-protection: 0
server: cafe
etag: 9149044719003253135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 06 May 2025 08:02:19 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 43ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4510v897965293za200&_p=1714984563110&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1960726523.1714984563&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714984563&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fr9zgxz&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2695
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 25ms
24ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1960726523.1714984563&gtm=45je4510v897965293za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1960726523.1714984563&gtm=45je4510v897965293za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=988482986

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 128002626 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 124ms
30ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/128002626?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f804d8b5efe0236f21b7811b64fe570e47e66c03e144b1f48a78720eb384c15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_3VHVvE5ZiH2Zv46ITHX6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-_3VHVvE5ZiH2Zv46ITHX6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAuKdiy-wHgTi7-wXWf8DsRAPx-c1jzayCbyYvP4lIwAVSDPS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
36ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1960726523.1714984563&jid=2054557418&_u=IEBAAEAAAAAAACAAI~&z=188911998

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1960726523.1714984563&jid=2054557418&_u=IEBAAEAAAAAAACAAI~&z=188911998

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUrX8Oto9nTi6Js3iJ7be2Ls21vPA0h_gpc-SLVw8EsyNWPZhY4v8tAqQvfSF2-1yNh5O9X2tVPkyDKwpmuyQ9yWQQYJ0DyWoM8GoIF1sHNx47CpP1-OZoTav6ES8879P3VKxB-WA== Show response
fundingchoicesmessages.google.com/f/ 400 KB
61 KB 104ms
103ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUrX8Oto9nTi6Js3iJ7be2Ls21vPA0h_gpc-SLVw8EsyNWPZhY4v8tAqQvfSF2-1yNh5O9X2tVPkyDKwpmuyQ9yWQQYJ0DyWoM8GoIF1sHNx47CpP1-OZoTav6ES8879P3VKxB-WA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0OTg0NTYzLDU1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXVybC5jYy9yOXpneHoiLG51bGwsW1s4LCJGaUpsM0V0cU54TSJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FiJl3EtqNxM.es5.O/am=AAM/d=1/rs=AJlcJMy6_CX1V-wmc5NNgBh-0-FKEDmpbw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f7afc3acce1dc2a3780b9ba2828fde3652a35850182498303fb3d6dde8920b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8UvpKfrHCKx73ENf7uVg9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-8UvpKfrHCKx73ENf7uVg9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMGEMc8n86aAsRO6TNYg4DYp34GawwQt948xzoViE8uOM96EYiT_p1nLQLinYsvsB4EYiEejs9rHm1kEzjwbudWJgCk-zUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 50ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FiJl3EtqNxM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyWS6cl_L1qYaMRGCR5ZREULE7WyQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 May 2024 08:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 May 2024 08:36:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 May 2024 08:36:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/
Origin: https://reurl.cc
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 546310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 00:50:53 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 46ms
17ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: reurl.cc
URL: https://reurl.cc/r9zgxz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/
Origin: https://reurl.cc
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:46:06 GMT
x-content-type-options: nosniff
age: 521397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:46:06 GMT

POST
H3 204 AGSKWxWInZjDZg4d6d2ceTR725BfxUipFOUy_xpN_DzhLTFNqYepMSeFJRqUyH4qxptq931Qx4ta2sc077MALM73WdkSoFInAhVAixud0rnxtD1eJGR59rPswAUioBT5aUC9BD5XDqp-iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 37ms
23ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWInZjDZg4d6d2ceTR725BfxUipFOUy_xpN_DzhLTFNqYepMSeFJRqUyH4qxptq931Qx4ta2sc077MALM73WdkSoFInAhVAixud0rnxtD1eJGR59rPswAUioBT5aUC9BD5XDqp-iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jannIPUv7au7Dxk-Id3bNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-jannIPUv7au7Dxk-Id3bNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIh-Pzmkcb2QR-fD38mgkAzAANcA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWInZjDZg4d6d2ceTR725BfxUipFOUy_xpN_DzhLTFNqYepMSeFJRqUyH4qxptq931Qx4ta2sc077MALM73WdkSoFInAhVAixud0rnxtD1eJGR59rPswAUioBT5aUC9BD5XDqp-iA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 33ms
18ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWInZjDZg4d6d2ceTR725BfxUipFOUy_xpN_DzhLTFNqYepMSeFJRqUyH4qxptq931Qx4ta2sc077MALM73WdkSoFInAhVAixud0rnxtD1eJGR59rPswAUioBT5aUC9BD5XDqp-iA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DnK5oDrowlsiObVm6HVTNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 May 2024 08:36:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-DnK5oDrowlsiObVm6HVTNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-Pzmkcb2QRutPe-YgIAyhQMsw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://reurl.cc
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET yads-async.js
yads.c.yimg.jp/js/ 0
0

GET
H2 200 gnshbrequest-v3.6.8.js Show response
cpt.geniee.jp/hb/v1/lib/ 134 KB
48 KB 581ms
579ms Script
application/javascript 133.186.12.53
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.6.8.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.53 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p053.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: cc704e986ed1e7aefb82804e2cc720991d8928ac1f0cfc95efddaa7fda9069e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:04 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2024 10:03:57 GMT
server: nginx
etag: W/"66029d8d-218f4"
content-type: application/javascript
cache-control: max-age=86400, private
cross-origin-resource-policy: cross-origin
expires: Tue, 07 May 2024 08:36:04 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 1376ms
299ms XHR
text/html 35.244.196.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 7e1e9438950c4af0a75c46413d302e34d61dbd479c5037d1a2c54b55d31269c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:05 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1b7c-BqboL6F3jhj2Zg3kUrvSuSj0lVg"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7036

GET
H2 200 policy-check Show response
cpt.geniee.jp/hb/v1/ 12 B
162 B 872ms
289ms XHR
application/json 133.186.12.53
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Freurl.cc%2Fr9zgxz&list_id=mid-219632&gam_id=gam-424536528%2Cgam-0
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.6.8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.53 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p053.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 06 May 2024 08:36:05 GMT
cache-control: max-age=10800, private
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 12
content-type: application/json

GET
H2 200 favicon.ico
reurl.cc/ 1 KB
1 KB 248ms
248ms Other
image/x-icon 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1346d656b8aeb6a9d4d5bd59ab8026645fcc90874f54814d6ee8cac226d32a51

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:05 GMT
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "61100f5a-47e"
content-type: image/x-icon
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1150
expires: Tue, 06 May 2025 08:36:05 GMT

GET
H2 200 a1562614.js Show response
js.genieessp.com/t/562/614/ Frame 52FB 0
159 B 2793ms
1599ms Script
text/plain 133.186.12.54
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/562/614/a1562614.js
Requested by: Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.6.8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.54 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p054.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:08 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 0
warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type: text/plain

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 2742ms
1301ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:08 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 CleverTap_Logo.jpg
mma.prnasia.com/media2/2404275/ 17 KB
18 KB 64ms
33ms Image
image/jpeg 2606:4700::6811:eec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2404275/CleverTap_Logo.jpg?p=medium600
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5602e942eba0e9e75366ab29fe5d4c12a007cf789e97ff17d54a50e8c30df3bb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:06 GMT
cf-cache-status: HIT
age: 62908
x-powered-by: ASP.NET
server-timing: intid;desc=be7d5e8f13383249
content-length: 17452
cf-bgj: h2pri
last-modified: Sun, 05 May 2024 15:07:38 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1
accept-ranges: bytes
cf-ray: 87f7a401ff2492b4-FRA
access-control-allow-headers: Content-Type
expires: Sun, 05 May 2024 15:07:39 GMT

GET
H2 200 %E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97-LINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1-%E5%9C%8B%E5%A4%96-2.8-%E5%9B%9E%E9%A5%8B-LINE-Points-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/04/ 57 KB
57 KB 3137ms
1407ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/04/%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97-LINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1-%E5%9C%8B%E5%A4%96-2.8-%E5%9B%9E%E9%A5%8B-LINE-Points-1080x630.jpg?crop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

452c285b4190ade67a437b5388e4056f52e3d31d3098f477b931c84c25570138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 2.hhn _atomic_ams BYPASS
alt-svc: h3=":443"; ma=86400
content-length: 58160
x-nc: HIT bur 7
last-modified: Sat, 02 Dec 2023 00:36:04 GMT
server: nginx
etag: "61a8b417c894f739"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Mon, 01 Dec 2025 12:36:04 GMT

GET
H2 200 1714906636-40cb7682fee573bfc7583c1ac423a82e-840x525.jpg
img.gbyhn.com.tw/2024/05/ 177 KB
178 KB 1335ms
37ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2024/05/1714906636-40cb7682fee573bfc7583c1ac423a82e-840x525.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64128551d9cc3ea610eb0b29517bfe7d9f7c062dc2ee5a9de2c53769910139e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65164
alt-svc: h3=":443"; ma=86400
content-length: 181023
last-modified: Sun, 05 May 2024 10:57:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63L900icfrgZxUkhG3ABsztR%2Bd%2B2h9SSp6ft%2FO9rKnQ6jhMAJxLQvVc3Nge9NggxEYLrx8Q0DIPnbt%2FqXgf4m0fRLUO%2F2eHhEfCfeSzfFnpd2nKo8dZAGHNabDAlpvJ%2BuNu7F%2Fm3xoLJU4TzJdH5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 87f7a409dee98fe0-FRA
expires: Sun, 12 May 2024 10:57:41 GMT

GET
H2 200 %E5%B0%81%E9%9D%A2%E5%9C%96%E8%A8%AD%E8%A8%88%EF%BC%9AHashKey-%E5%85%A5%E9%87%91%E6%96%87%E7%AB%A0-1140x570.png
www.rayskyinvest.com/wp-content/uploads/ 468 KB
468 KB 199ms
10ms Image
image/png 34.149.36.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%B0%81%E9%9D%A2%E5%9C%96%E8%A8%AD%E8%A8%88%EF%BC%9AHashKey-%E5%85%A5%E9%87%91%E6%96%87%E7%AB%A0-1140x570.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.36.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.36.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a1bd786df068c1cc888c52651cccd6cfcba590dc31ab9fccb1a5ebccc9d7a80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy-cache: HIT
date: Mon, 06 May 2024 08:36:06 GMT
expires: Tue, 06 May 2025 07:17:54 GMT
last-modified: Fri, 03 May 2024 06:06:03 GMT
server: nginx
etag: "66347ecb-74e9e"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 478878
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 2024050308102362.jpg
img.racingcharger.tw/wp-content/uploads/ 145 KB
145 KB 4520ms
3344ms Image
image/jpeg 103.1.220.9
YUANJHEN-AS-TW Yu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2024050308102362.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.1.220.9 , Taiwan, ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW),
Reverse DNS: 103-1-220-9.static.ip.net.tw
Software: Apache /
Resource Hash: 8f357ed25efda59d02dfbb3cc9703c405ae5a520786852d640a92d46607a65fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:09 GMT
last-modified: Fri, 03 May 2024 08:10:29 GMT
server: Apache
accept-ranges: bytes
content-length: 148315
content-type: image/jpeg

GET
H2 200 2024050110195074.jpg
i0.wp.com/golike.tw/wp-content/uploads/2024/05/ 88 KB
89 KB 34ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2024/05/2024050110195074.jpg?resize=1024%2C535&ssl=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

45484fa6dbfd3964ae44d035ab8177164ee4750a61277f48d2e5b81de6ac5a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 90126
x-nc: HIT hhn 4
last-modified: Fri, 03 May 2024 09:15:14 GMT
server: nginx
etag: "b8d173242d249890"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2024/05/2024050110195074.jpg>; rel="canonical"
expires: Sun, 03 May 2026 21:15:14 GMT

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 207 KB
207 KB 35ms
8ms Image
image/png 2600:9000:2057:6c00:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 6d3c7fccdd4d260fa7cd5b9e1a10b5430a84cbdc4790bd292717df5a41d1d83a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-seen-by: image-manipulator-65b8785648-ph8f9
date: Fri, 15 Mar 2024 11:56:31 GMT
via: 1.1 google, 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: FRA6-C1
age: 4480775
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ttWKoihi9EMfXpNENYVZMyXEQqPW8soWhYg5CzQVaV1DEvcF7gNWVA==
content-length: 211458
wix-tracer: 2divcO9UrtnnXxvLcZVxI5x6FaB

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 49ms
6ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 08:36:06 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 184823
expires: Tue, 09 Apr 2024 07:24:08 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je4510v897965293za200&_p=1714984563110&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1960726523.1714984563&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1714984563&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2Fr9zgxz&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=41&tfd=7737
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reurl.cc/r9zgxz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 08:36:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yads.c.yimg.jp
URL: https://yads.c.yimg.jp/js/yads-async.js

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 20:24:30	Name: _gid Value: GA1.2.1345228772.1714984563
.reurl.cc/	1970-01-20 20:23:04	Name: _gat Value: 1
.reurl.cc/	1970-01-21 05:59:04	Name: _ga Value: GA1.1.1960726523.1714984563
.reurl.cc/	1970-01-21 05:59:04	Name: _ga_N394QBRGC0 Value: GS1.1.1714984563.1.0.1714984563.60.0.0
.prnasia.com/	1970-01-20 20:23:06	Name: __cf_bm Value: W_YIjsCk.ImG0d0AfUc9Vxss1mPfVW1s1Tb5KxkkbFg-1714984566-1.0.1.1-yyK5NtQFP0v6pW_ctW8kLsp6tt_AEsQVM9k3lIf.t0OkdaS5eT0KSbJAskCeT9FnBb6CRtjUKgsm4ZyTRPda7A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://reurl.cc/r9zgxz Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-specs.guoshipartners.com
anymind360.com
blog.alphaloan.co
cdn.jsdelivr.net
cpt.geniee.jp
creditcards.com.tw
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
js.genieessp.com
mma.prnasia.com
re-news.tw
region1.analytics.google.com
reurl.cc
securepubads.g.doubleclick.net
static.wixstatic.com
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rayskyinvest.com
yads.c.yimg.jp
yads.c.yimg.jp
103.1.220.9
133.186.12.53
133.186.12.54
151.101.129.55
192.0.77.2
192.0.78.187
192.0.78.24
2001:4860:4802:32::36
203.66.34.45
2600:9000:2057:6c00:1e:5c56:d400:93a1
2606:4700::6811:eec2
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::485
2a06:98c1:3120::3
34.149.36.179
34.149.98.30
35.185.130.121
35.185.136.122
35.244.196.223
1346d656b8aeb6a9d4d5bd59ab8026645fcc90874f54814d6ee8cac226d32a51
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1a1bd786df068c1cc888c52651cccd6cfcba590dc31ab9fccb1a5ebccc9d7a80
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
452c285b4190ade67a437b5388e4056f52e3d31d3098f477b931c84c25570138
45484fa6dbfd3964ae44d035ab8177164ee4750a61277f48d2e5b81de6ac5a88
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
5602e942eba0e9e75366ab29fe5d4c12a007cf789e97ff17d54a50e8c30df3bb
5f7afc3acce1dc2a3780b9ba2828fde3652a35850182498303fb3d6dde8920b6
5f804d8b5efe0236f21b7811b64fe570e47e66c03e144b1f48a78720eb384c15
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61989651a6d5c6ad5ad1b8600432ce4b16473dccae9b8ae5ee0ef3d1fb9dd66e
63e1ad4ff6c4ec3eef38326f9ad317f13e20df9b5e373609c1682549417e00d7
6d3c7fccdd4d260fa7cd5b9e1a10b5430a84cbdc4790bd292717df5a41d1d83a
6fa68ebc9d2eab2026b5f4da2eb985488314cdc2792d955996cf16138ddec23d
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7b4272c7d17731074319574bbe44f671faeefa25d2b71eb3833a26ba2219d02a
7e1e9438950c4af0a75c46413d302e34d61dbd479c5037d1a2c54b55d31269c9
8219721a70269ff358f0add28231be10ee314e3bc3634cb8e396c6c86bc4e009
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f357ed25efda59d02dfbb3cc9703c405ae5a520786852d640a92d46607a65fd
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
a64128551d9cc3ea610eb0b29517bfe7d9f7c062dc2ee5a9de2c53769910139e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
cacbdcce9d203aae9bfc654eb83b09a6ee207674792da700763d8791f3024737
cc704e986ed1e7aefb82804e2cc720991d8928ac1f0cfc95efddaa7fda9069e6
d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

50 %IPv6

24 Domains

29 Subdomains

27 IPs

5 Countries

2134 kBTransfer

3811 kBSize

5 Cookies

20 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

29
Subdomains

27
IPs

5
Countries

2134 kB
Transfer

3811 kB
Size

5
Cookies

46 HTTP transactions
0 data transactions